level 1
iilook
楼主
sys
acl number 3001
rule 0 deny udp source-port eq 53
rule 10 deny udp destination-port eq 53
rule 20 deny tcp source-port eq 80
rule 30 deny tcp destination-port eq 80
rule 40 deny tcp source-port eq 443
rule 50 deny tcp destination-port eq 443
quit
interface Ethernet0/1
firewall packet-filter 3001 outbound
quit
save
目的是要让 Ethernet0/1(WAN口) 网口接收到来自内网用户53,80,443端口发送的报文丢弃
2012年11月29日 14点11分
1
acl number 3001
rule 0 deny udp source-port eq 53
rule 10 deny udp destination-port eq 53
rule 20 deny tcp source-port eq 80
rule 30 deny tcp destination-port eq 80
rule 40 deny tcp source-port eq 443
rule 50 deny tcp destination-port eq 443
quit
interface Ethernet0/1
firewall packet-filter 3001 outbound
quit
save
目的是要让 Ethernet0/1(WAN口) 网口接收到来自内网用户53,80,443端口发送的报文丢弃