第 14 章 Netflow

第 14 章 Netflow
上一頁	部分 II. Cisco IOS	下一頁

14.1. Firewall
14.2. Router
14.3. Switch
14.4. Netflow 實例

2911 路由器上 ip route-cache flow 等效 ip flow ingress

ip flow egress

14.1. Firewall

ASA (config)# flow-export destination inside 192.168.100.1 2055
ASA (config)# flow template timeout-rate 1
ASA (config)# access-list flow_export_acl permit ip host 10.1.1.1 host 10.2.2.2
ASA (config)# class-map flow_export_class
ASA (config-cmap)# match access-list flow_export_acl
ASA (config)# policy-map flow_export_policy
ASA (config-pmap)# class flow_export_class
ASA (config-pmap-c)# flow-export event-type flow-creation destination 192.168.100.1

flow-export destination inside 172.16.1.2 2055
flow template timeout-rate 1
access-list flow_export_acl permit ip host 172.16.1.254 host 172.16.1.2
class-map flow_export_class
match access-list flow_export_acl
policy-map flow_export_policy
class flow_export_class
flow-export event-type flow-creation destination 172.16.1.2


flow-export destination inside 172.16.1.2 2055
access-list flow_export_acl permit ip any any
class-map flow_export_class
match access-list flow_export_acl
policy-map flow_export_policy
class flow_export_class
flow-export event-type all destination 172.16.1.2

上一頁	上一級	下一頁
13.5. Example	起始頁	14.2. Router