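During initial deployment of a firewall RBM setup, pinging the firewall's own address from the firewall command line failed.
The interface configuration is simple: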
interface GigabitEthernet1/0/0
 port link-mode route
 combo enable copper
 ip address 110.123.12.21 255.255.255.0
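Debugging can be used to see how the packet is handled.
The output of debug ip info shows that the packet was dropped by the atk (attack defense) service.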
*Oct 24 16:24:24:891 2023 F5000M IPFW/7/IPFW_INFO: -COntext=1;
MBUF was intercepted! Phase Num is 4(local in beforedefrag), Service ID is 2(atk), Bitmap is 2000000000000000, return 1(0:continue, 1:dropped, 2:consumed, 3:enqueued, 4:relay)! Interface is InLoopBack0,
s=110.123.12.21, d= 110.123.12.21, protocol= 1, pktid = 11185
VsysID = 1.
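The configuration shows that an attack defense policy is applied to the Local security zone. It drops packets whose source and destination IP addresses are the same, so the firewall cannot ping itself.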
#
security-zone name Local
 attack-defense apply policy abc
#
attack-defense policy abc
 syn-flood detect non-specific
 syn-flood action logging
 udp-flood detect non-specific
 udp-flood action logging
 icmp-flood detect non-specific
 icmp-flood action logging
 icmpv6-flood detect non-specific
 icmpv6-flood action logging
 signature detect fragment action drop logging
 signature detect impossible action drop logging
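To fix this, delete attack-defense apply policy abc from the security-zone name Local view. Note that this removes every protection in policy abc from the Local zone, not only the check on packets with identical source and destination addresses.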
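The debug record above can also be triaged with a script when many packets are captured. The following is an added example, not part of the original case or any H3C tool: it parses IPFW_INFO interception records and reports packets that atk dropped with identical source and destination addresses. The function names are hypothetical, and the second sample record is constructed for contrast.

```python
import re

# Verdict codes exactly as the debug line lists them.
VERDICTS = {0: "continue", 1: "dropped", 2: "consumed", 3: "enqueued", 4: "relay"}

RECORD = re.compile(
    r"Phase Num is (?P<phase_num>\d+)\((?P<phase>[^)]*)\), "
    r"Service ID is (?P<svc_id>\d+)\((?P<svc>[^)]*)\), "
    r"Bitmap is (?P<bitmap>[0-9A-Fa-f]+), "
    r"return (?P<ret>\d+)\([^)]*\)! "
    r"Interface is (?P<ifname>[^,\s]+), "
    r"s= ?(?P<src>[\d.]+), d= ?(?P<dst>[\d.]+), "
    r"protocol= ?(?P<proto>\d+), pktid ?= ?(?P<pktid>\d+)"
)

def parse_ipfw_info(text):
    """Return one dict per IPFW_INFO interception record found in text."""
    flat = " ".join(text.split())  # records wrap across lines on the console
    records = []
    for m in RECORD.finditer(flat):
        rec = m.groupdict()
        rec["verdict"] = VERDICTS.get(int(rec.pop("ret")), "unknown")
        records.append(rec)
    return records

def self_addressed_drops(records):
    """Records where atk dropped a packet whose source equals its destination."""
    return [r for r in records
            if r["verdict"] == "dropped" and r["svc"] == "atk" and r["src"] == r["dst"]]

# First record is the one from the case; the second is constructed for contrast.
SAMPLE = """\
*Oct 24 16:24:24:891 2023 F5000M IPFW/7/IPFW_INFO: -COntext=1;
MBUF was intercepted! Phase Num is 4(local in beforedefrag), Service ID is 2(atk), Bitmap is 2000000000000000, return 1(0:continue, 1:dropped, 2:consumed, 3:enqueued, 4:relay)! Interface is InLoopBack0,
s=110.123.12.21, d= 110.123.12.21, protocol= 1, pktid = 11185
VsysID = 1.
*Oct 24 16:24:30:102 2023 F5000M IPFW/7/IPFW_INFO: -COntext=1;
MBUF was intercepted! Phase Num is 4(local in beforedefrag), Service ID is 2(atk), Bitmap is 2000000000000000, return 1(0:continue, 1:dropped, 2:consumed, 3:enqueued, 4:relay)! Interface is GigabitEthernet1/0/0,
s=192.0.2.10, d= 110.123.12.21, protocol= 1, pktid = 11190
VsysID = 1.
"""

if __name__ == "__main__":
    for r in self_addressed_drops(parse_ipfw_info(SAMPLE)):
        print(f"{r['src']} -> {r['dst']} proto {r['proto']} dropped by {r['svc']} "
              f"at phase {r['phase']} on {r['ifname']} (pktid {r['pktid']})")
```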