Ethernet Networks: Design, Implementation, Operation, Management 4th phần 9

Cả hai cơ bản và các chi tiết kỹ thuật chuẩn hoạt động ở 2,4 GHz không có giấy phép công nghiệp khoa học và y tế (ISM) ban nhạc. Trong khi Ủy ban Truyền thông Liên bang (FCC) ở Mỹ quy định quyền lực tối đa và phương thức truyền dẫn, | security 469 Figure . Let s further assume that we want to restrict data originating from the Internet to Web traffic bound for the host whose IP address is . In addition we want to allow users on the 205 and 198 networks shown in Figure to initiate Telnet and Web-based queries to hosts on the Internet and allow the results of those queries to return via the Internet. To do so our access list would be as follows interface serial0 ip access-group 110 in access-list 110 remark allow TCP with ACK or RST bit set access-list 110 permit TCP any any established access-list 110 remark allow Web access to server access-list 110 permit TCP any host access-list 110 remark block everything else access-list 110 deny ip any any In this example the interface command is first used to define serial port 0. Next the ip access-group command is used to apply the access list statements we will enter as access list number 110 in the inbound direction on the serial interface. This is followed by the entry of six access list statements that form the actual access list. Note that for internal documentation three statements include remarks. Thus let s focus our attention upon the other three statements in the access list. The first non-remark statement permits TCP traffic that responds to queries initiated from the internal Ethernet networks. This is due to the keyword established in the statement. The second non-remark statement permits Web traffic port 80 from any host on the Internet to the server whose IP address is . The third non-remark statement is not really necessary as an access list has a deny all implicitly placed at the end of the list. In examining this access list it is important to note that it could create a problem for Web surfers and other persons using the Internet. This is because although TCP traffic is permitted all other traffic is blocked. This means your internal network users cannot use DNS as it is carried via UDP nor can

Không thể tạo bản xem trước, hãy bấm tải xuống
TỪ KHÓA LIÊN QUAN
TÀI LIỆU MỚI ĐĂNG
16    18    1    06-12-2022
3    11    1    06-12-2022
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.