45de
yudpsourcea
ydesti
atio
a
ydesti
atio
porteq445
frulede
yudpsourcea
ydesti
atio
a
ydesti
atio
porteq593rulede
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq593用于控制振荡波的扫描和攻击rulede
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq445rulede
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq5554rulede
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq9995rulede
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq9996用于控制Worm_MSBlastA蠕虫的传播rulede
yudpsourcea
ydesti
atio
a
ydesti
atio
porteq1434下面的不出名的病毒端口号(可以不作)rulerulerulerulerulerulede
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq1068de
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq5800de
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq5900de
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq10080de
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq455de
yudpsourcea
ydesti
atio
a
ydesti
atio
porteq455
rulede
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq3208rulede
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq1871rulede
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq4510rulede
yudpsourcea
ydesti
atio
a
ydesti
atio
porteq4334rulede
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq4331rulede
ytcpsourcea
ydesti
atio
a
ydesti
atio
porteq4557然后下发配置packetfilteripgroup100目的:针对目前网上出现的问题,对目的是端口号为1434的UDP报文进行过滤的配置方法,详细和复杂的配置请看配置手册。NE80的配置:NE80co
figrulemapr1udpa
ya
yeq1434r1为rolemap的名字,udp为关键字,a
ya
y所有源、目的IP,eq为等于,1434为udp端口号NE80co
figacla1r1de
ya1为acl的名字,r1为要绑定的rulemap的名字,NE80co
figifEther
et100accessgroupacla1在100接口上绑定acl,acl为关键字,a1为acl的名字NE16的配置:NE164co
figfirewalle
ableall首先启动防火墙NE164co
figaccesslist101de
yudpa
ya
yeq1434de
y为禁止的关键字,针对udp报文,a
ya
y为所有源、目的IP,eq为等于,1434为udp端口号NE164co
figifEther
et220ipaccessgroup101i
在接口上启用accesslist,i
表示进来的报文,也可以用out表示出去的报文中低端路由器的配置Routerfirewalle
able
fRouteracl101Routeracl101rulede
yudpsourcea
ydestio
a
ydesti
atio
porteq1434RouterEther
et0firewallpacketfilter101i
bou
d6506产品的配置:旧命令行配置如下:6506co
figaclexte
dedaaade
yprotocoludpa
ya
yeq14346506co
figifEther
et501accessgroupaaa国际化新命令行配置如下:Quidwayacl
umber100Quidwayacladv100rulede
yudpsourcea
ydesti
atio
a
ydesti
atio
porteq1434Quidwr
