Router#sh run
Building configuration...
Current configuration : 2335 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!<
BR>hostname Router
!
enable secret 5 $1$2qcD$sKLJhsTs0FWYyFanxh7QK0
enable password 7 10440D1803164F465B507B787C
!
ip subnet-zero
!
!
!
!
!
!
interface FastEthernet0/0
ip address 211.96.×.× 255.255.255.240
ip access-group 101 in
ip access-group 101 out
ip nat outside
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
!
interface FastEthernet0/1
ip address 192.168.168.1 255.255.255.0
ip access-group 101 in
ip access-group 101 out
ip nat inside
duplex auto
speed auto
!
ip nat inside source list 10 interface FastEthernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 211.96.109.193
no ip http server
ip pim bidir-enable
!
!
access-list 10 permit 192.168.168.0 0.0.0.255
access-list 101 deny tcp any any eq echo
access-list 101 deny tcp any any eq chargen
access-list 101 deny tcp any any eq 135
access-list 101 deny tcp any any eq 136
access-list 101 deny tcp any any eq 137
access-list 101 deny tcp any any eq 138
access-list 101 deny tcp any any eq 139
access-list 101 deny tcp any any eq 389
access-list 101 deny tcp any any eq 445
access-list 101 deny tcp any any eq 4444
access-list 101 deny tcp any any eq 1068
access-list 101 deny tcp any any eq 5554
access-list 101 deny tcp any any eq 9995
access-list 101 deny tcp any any eq 9996
access-list 101 deny tcp any any eq 6666
access-list 101 deny tcp any any eq 593
access-list 101 deny udp any any eq tftp
access-list 101 deny udp any any eq 135
access-list 101 deny udp any any eq 136
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny udp any any eq netbios-ss
access-list 101 deny udp any any eq snmp
access-list 101 deny udp any any eq 389
access-list 101 deny udp any any eq 445
access-list 101 deny udp any any eq 1434
access-list 101 deny udp any any eq 1433
access-list 101 deny udp any any eq 1068
access-list 101 deny udp any any eq 9995
access-list 101 deny udp any any eq 9996
access-list 101 deny udp any any eq 5554
access-list 101 deny udp any any eq 593
access-list 101 permit ip any any
!
line con 0
line aux 0
line vty 0 4
password 7 09464A081F044A5F5A5E567D7C7079606D
login
!
!
end
Router# 【转自世纪安全网 http://www.21safe.com】
|
网友评论:(只显示最新10条。评论内容只代表网友观点,与本站立场无关!)