在全局禁用445端口号后,外网的服务器要通过445端口同步文件到网闸,该怎么设这个acl
acl advanced 3100
rule 10 permit tcp destination 192.168.102.2 0 destination-port eq 445
rule 11 permit udp destination 192.168.102.2 0 destination-port eq 445
rule 105 deny tcp destination-port eq 135
rule 106 deny tcp destination-port eq 137
rule 107 deny tcp destination-port eq 138
rule 108 deny tcp destination-port eq 139
rule 109 deny udp destination-port eq 135
rule 120 deny udp destination-port eq 137
rule 121 deny udp destination-port eq 138
rule 122 deny udp destination-port eq 139
rule 123 deny udp destination-port eq 445
rule 124 deny tcp destination-port eq 445
#
traffic classifier anti_wana operator and
if-match acl 3100
#
traffic behavior anti_wana
filter deny
#
qos policy anti_wana
classifier anti_wana behavior anti_wana
#
qos apply policy anti_wana global inbound
qos apply policy anti_wana global outbound
(0)
最佳答案
在对应的acl中配置permit 规则即可,如
rule 10 permit tcp destination 192.168.102.2 0 destination-port eq 445
rule 11 permit udp destination 192.168.102.2 0 destination-port eq 445
允许访问目的为192.168.102.2 主机的445端口。
(0)
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论