现创建acl acl number 100 禁ping ruledeny icmp source any destination any 用于控制Blaster蠕虫的传播 ruledeny udp source any destination any destination-port eq 69 ruledeny tcp source any destination any destination-port eq 4444 用于控制冲击
acl number 100
禁ping
rule deny icmp source any destination any
用于控制Blaster蠕虫的传播
rule deny udp source any destination any destination-port eq 69
rule deny tcp source any destination any destination-port eq 4444
用于控制冲击波病毒的扫描和攻击
rule deny tcp source any destination any destination-port eq 135
rule deny udp source any destination any destination-port eq 135
rule deny udp source any destination any destination-port eq netbios-ns
rule deny udp source any destination any destination-port eq netbios-dgm
rule deny tcp source any destination any destination-port eq 139
rule deny udp source any destination any destination-port eq 139
rule deny tcp source any destination any destination-port eq 445
rule deny udp source any destination any destination-port eq 445
rule deny udp source any destination any destination-port eq 593
rule deny tcp source any destination any destination-port eq 593
用于控制振荡波的扫描和攻击
rule deny tcp source any destination any destination-port eq 445
rule deny tcp source any destination any destination-port eq 5554
rule deny tcp source any destination any destination-port eq 9995
rule deny tcp source any destination any destination-port eq 9996
用于控制 Worm_MSBlast.A 蠕虫的传播
rule deny udp source any destination any destination-port eq 1434
下面的不出名的病毒端口号 (可以不作)
rule deny tcp source any destination any destination-port eq 1068
rule deny tcp source any destination any destination-port eq 5800
rule deny tcp source any destination any destination-port eq 5900
rule deny tcp source any destination any destination-port eq 10080
rule deny tcp source any destination any destination-port eq 455
rule deny udp source any destination any destination-port eq 455
rule deny tcp source any destination any destination-port eq 3208
rule deny tcp source any destination any destination-port eq 1871
rule deny tcp source any destination any destination-port eq 4510
rule deny udp source any destination any destination-port eq 4334
rule deny tcp source any destination any destination-port eq 4331
rule deny tcp source any destination any destination-port eq 4557
然后下发配置
packet-filter ip-group 100
目的:针对目前网上出现的问题,对目的是端口号为1434的UDP报文进行过滤的配置方法,详细和复杂的配置请看配置手册。
NE80的配置:
NE80(config)#rule-map r1 udp any any eq 1434
//r1为role-map的名字,udp 为关键字,any any 所有源、目的IP,eq为等于,1434为udp端口号
NE80(config)#acl a1 r1 deny
//a1为acl的名字,r1为要绑定的rule-map的名字,
NE80(config-if-Ethernet1/0/0)#access-group acl a1
//在1/0/0接口上绑定acl,acl为关键字,a1为acl的名字
NE16的配置:
NE16-4(config)#firewall enable all
//首先启动防火墙
NE16-4(config)#access-list 101 deny udp any any eq 1434
//deny为禁止的关键字,针对udp报文,any any 为所有源、目的IP,eq为等于, 1434为udp端口号
NE16-4(config-if-Ethernet2/2/0)#ip access-group 101 in
//在接口上启用access-list,in表示进来的报文,也可以用out表示出去的报文
中低端路由器的配置
[Router]firewall enable
[Router]acl 101
[Router-acl-101]rule deny udp source any destion any destination-port eq 1434
[Router-Ethernet0]firewall packet-filter 101 inbound
6506产品的配置:
旧命令行配置如下:
6506(config)#acl extended aaa deny protocol udp any any eq 1434
6506(config-if-Ethernet5/0/1)#access-group aaa
国际化新命令行配置如下:
[Quidway]acl number 100
[Quidway-acl-adv-100]rule deny udp source any destination any destination-port eq 1434
[Quidway-acl-adv-100]quit
[Quidway]interface ethernet 5/0/1
[Quidway-Ethernet5/0/1]packet-filter inbound ip-group 100 not-care-for-interface
5516产品的配置:
旧命令行配置如下:
5516(config)#rule-map l3 aaa protocol-type udp ingress any egress any eq 1434
5516(config)#flow-action fff deny
5516(config)#acl bbb aaa fff
5516(config)#access-group bbb
国际化新命令行配置如下:
[Quidway]acl num 100
[Quidway-acl-adv-100]rule deny udp source any destination any destination-port eq 1434
[Quidway]packet-filter ip-group 100
3526产品的配置:
旧命令行配置如下:
rule-map l3 r1 0.0.0.0 0.0.0.0 1.1.0.0 255.255.0.0 eq 1434
flow-action f1 deny
acl acl1 r1 f1
access-group acl1
国际化新命令配置如下:
acl number 100
rule 0 deny udp source 0.0.0.0 0 source-port eq 1434 destination 1.1.0.0 0
packet-filter ip-group 101 rule 0
注:3526产品只能配置外网对内网的过滤规则,其中1.1.0.0 255.255.0.0是内网的地址段。
8016产品的配置:
旧命令行配置如下:
8016(config)#rule-map intervlan aaa udp any any eq 1434
8016(config)#acl bbb aaa deny
8016(config)#access-group acl bbb vlan 10 port all
国际化新命令行配置如下:
8016(config)#rule-map intervlan aaa udp any any eq 1434
8016(config)#eacl bbb aaa deny
8016(config)#access-group eacl bbb vlan 10 port all
What are some tools you can use to monitor MySQL performance?Apr 23, 2025 am 12:21 AMHow to effectively monitor MySQL performance? Use tools such as mysqladmin, SHOWGLOBALSTATUS, PerconaMonitoring and Management (PMM), and MySQL EnterpriseMonitor. 1. Use mysqladmin to view the number of connections. 2. Use SHOWGLOBALSTATUS to view the query number. 3.PMM provides detailed performance data and graphical interface. 4.MySQLEnterpriseMonitor provides rich monitoring functions and alarm mechanisms.
How does MySQL differ from SQL Server?Apr 23, 2025 am 12:20 AMThe difference between MySQL and SQLServer is: 1) MySQL is open source and suitable for web and embedded systems, 2) SQLServer is a commercial product of Microsoft and is suitable for enterprise-level applications. There are significant differences between the two in storage engine, performance optimization and application scenarios. When choosing, you need to consider project size and future scalability.
In what scenarios might you choose SQL Server over MySQL?Apr 23, 2025 am 12:20 AMIn enterprise-level application scenarios that require high availability, advanced security and good integration, SQLServer should be chosen instead of MySQL. 1) SQLServer provides enterprise-level features such as high availability and advanced security. 2) It is closely integrated with Microsoft ecosystems such as VisualStudio and PowerBI. 3) SQLServer performs excellent in performance optimization and supports memory-optimized tables and column storage indexes.
How does MySQL handle character sets and collations?Apr 23, 2025 am 12:19 AMMySQLmanagescharactersetsandcollationsbyusingUTF-8asthedefault,allowingconfigurationatdatabase,table,andcolumnlevels,andrequiringcarefulalignmenttoavoidmismatches.1)Setdefaultcharactersetandcollationforadatabase.2)Configurecharactersetandcollationfor
What are triggers in MySQL?Apr 23, 2025 am 12:11 AMA MySQL trigger is an automatically executed stored procedure associated with a table that is used to perform a series of operations when a specific data operation is performed. 1) Trigger definition and function: used for data verification, logging, etc. 2) Working principle: It is divided into BEFORE and AFTER, and supports row-level triggering. 3) Example of use: Can be used to record salary changes or update inventory. 4) Debugging skills: Use SHOWTRIGGERS and SHOWCREATETRIGGER commands. 5) Performance optimization: Avoid complex operations, use indexes, and manage transactions.
How do you create and manage user accounts in MySQL?Apr 22, 2025 pm 06:05 PMThe steps to create and manage user accounts in MySQL are as follows: 1. Create a user: Use CREATEUSER'newuser'@'localhost'IDENTIFIEDBY'password'; 2. Assign permissions: Use GRANTSELECT, INSERT, UPDATEONmydatabase.TO'newuser'@'localhost'; 3. Fix permission error: Use REVOKEALLPRIVILEGESONmydatabase.FROM'newuser'@'localhost'; then reassign permissions; 4. Optimization permissions: Use SHOWGRA
How does MySQL differ from Oracle?Apr 22, 2025 pm 05:57 PMMySQL is suitable for rapid development and small and medium-sized applications, while Oracle is suitable for large enterprises and high availability needs. 1) MySQL is open source and easy to use, suitable for web applications and small and medium-sized enterprises. 2) Oracle is powerful and suitable for large enterprises and government agencies. 3) MySQL supports a variety of storage engines, and Oracle provides rich enterprise-level functions.
What are the disadvantages of using MySQL compared to other relational databases?Apr 22, 2025 pm 05:49 PMThe disadvantages of MySQL compared to other relational databases include: 1. Performance issues: You may encounter bottlenecks when processing large-scale data, and PostgreSQL performs better in complex queries and big data processing. 2. Scalability: The horizontal scaling ability is not as good as Google Spanner and Amazon Aurora. 3. Functional limitations: Not as good as PostgreSQL and Oracle in advanced functions, some functions require more custom code and maintenance.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Atom editor mac version download
The most popular open source editor
Dreamweaver Mac version
Visual web development tools
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function
