第 9 章 Policy
上一頁 部分 III. Juniper 下一頁
Home | Mirror | Search

第 9 章 Policy

目錄

1. 策略管理
2. OpenSSH
3. HTTP
4. RemoteDesktop
5. PPTP
6. DMZ to Untrust (nat src)

1. 策略管理

show policy

firewall-> get policy
Total regular policies 24, Default deny.
    ID From     To       Src-address  Dst-address  Service              Action State   ASTLCB
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    77 Untrust  Trust    Any          VIP(61.144.~ CTBS                 Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X



firewall-> get policy
Total regular policies 23, Default deny.
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X

Removing policy

		
firewall-> get policy
Total regular policies 24, Default deny.
    ID From     To       Src-address  Dst-address  Service              Action State   ASTLCB
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    77 Untrust  Trust    Any          VIP(61.144.~ CTBS                 Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X

firewall-> unset policy 77

firewall-> get policy
Total regular policies 23, Default deny.
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X

policy id = 79

set policy id 79
set service "HTTPS"
		

unset service "SSH"
exit

comments powered by Disqus
上一頁 上一級 下一頁
第 8 章 Router 起始頁 2. OpenSSH