Problem description:
The following configuration did not take effect:
acl number 3200
 description VirusPort
 rule 5 deny tcp destination-port eq 135
 rule 10 deny tcp destination-port eq 137
 rule 15 deny tcp destination-port eq 139
 rule 20 deny tcp destination-port eq 445
 rule 25 deny tcp destination-port eq 138
 rule 30 deny udp destination-port eq 135
 rule 35 deny udp destination-port eq netbios-ns
 rule 40 deny udp destination-port eq netbios-dgm
 rule 45 deny udp destination-port eq netbios-ssn
 rule 50 deny udp destination-port eq 445
 rule 55 deny udp destination-port eq 3389
 rule 60 deny tcp destination-port eq 3389
 rule 65 deny udp destination-port eq 161
 rule 70 deny udp destination-port eq 162
traffic classifier anti_wana operator and
 if-match acl 3200
traffic behavior anti_wana
 filter deny
qos policy anti_wana
 classifier anti_wana behavior anti_wana
interface GigabitEthernet4/0/0.70
 qos apply policy anti_wana inbound
 qos apply policy anti_wana outbound
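Network topology and description:
After the policy was applied, external scans still show a lot of access to port 445, so I concluded that it is not taking effect. ICMP testing in the afternoon.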