Home | 简体中文 | 繁体中文 | 杂文 | 知乎专栏 | 51CTO学院 | CSDN程序员研修院 | Github | OSChina 博客 | 腾讯云社区 | 阿里云栖社区 | Facebook | Linkedin | Youtube | 打赏(Donations) | About
知乎专栏多维度架构

第 17 章 Policy

目录

17.1. 策略管理
17.2. OpenSSH
17.3. HTTP
17.4. RemoteDesktop
17.5. PPTP
17.6. DMZ to Untrust (nat src)

17.1. 策略管理

show policy

firewall-> get policy
Total regular policies 24, Default deny.
    ID From     To       Src-address  Dst-address  Service              Action State   ASTLCB
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    77 Untrust  Trust    Any          VIP(61.144.~ CTBS                 Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X



firewall-> get policy
Total regular policies 23, Default deny.
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X
		

Removing policy

		
firewall-> get policy
Total regular policies 24, Default deny.
    ID From     To       Src-address  Dst-address  Service              Action State   ASTLCB
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    77 Untrust  Trust    Any          VIP(61.144.~ CTBS                 Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X

firewall-> unset policy 77

firewall-> get policy
Total regular policies 23, Default deny.
    76 Untrust  Trust    Any          VIP(61.144.~ OpenSSH              Permit enabled -----X
    78 Untrust  Trust    Any          VIP(61.144.~ RemoteDesktop        Permit enabled -----X
		
		

policy id = 79

set policy id 79
set service "HTTPS"
		

unset service "SSH"
exit