Home | 簡體中文 | 繁體中文 | 雜文 | 打賞(Donations) | ITEYE 博客 | OSChina 博客 | Facebook | Linkedin | 知乎專欄 | Search | Email

第 18 章 Policy

目錄

18.1. 策略管理
18.2. OpenSSH
18.3. HTTP
18.4. RemoteDesktop
18.5. PPTP
18.6. DMZ to Untrust (nat src)

18.1. 策略管理

show policy

firewall-> get policy
Total regular policies 24, Default deny.
    ID From     To       Src-address  Dst-address  Service              Action State   ASTLCB
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    77 Untrust  Trust    Any          VIP(61.144.~ CTBS                 Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X



firewall-> get policy
Total regular policies 23, Default deny.
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X
		

Removing policy

		
firewall-> get policy
Total regular policies 24, Default deny.
    ID From     To       Src-address  Dst-address  Service              Action State   ASTLCB
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    77 Untrust  Trust    Any          VIP(61.144.~ CTBS                 Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X

firewall-> unset policy 77

firewall-> get policy
Total regular policies 23, Default deny.
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X
		
		

policy id = 79

set policy id 79
set service "HTTPS"
		

unset service "SSH"
exit