Cisco自反控制列表的应用
Reflexive IP access list cisco permit tcp host 2.2.2.2 eq telnet host 1.1.1.1 eq 13232 (73 matches) (time left 293)permit icmp host 2.2.2.2 host 1.1.1.1(19 matches) (time left 262) (这里就是动态创建的临时开启表项。默认时间是300s后删除)
Extended IP access list infilter
10 permit ospf any any (100 matches)
20 evaluate cisco
Extended IP access list outfilter
10 permit ospf any any (105 matches)
20 permit icmp any host 2.2.2.2 reflect cisco (22 matches)
30 permit icmp any host 30.1.1.1 reflect cisco (11 matches)
40 permit tcp any host 2.2.2.2 eq telnet reflect cisco (245 matches)
50 permit tcp any host 30.1.1.1 eq telnet reflect cisco (138 matches)
R2#
页:
[1]