Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Test New Rule

    Hochgeladen von

    Ryan Jimenez
    7 Ansichten2 Seiten
    Rule New

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    TXT, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    Rule New

    Copyright:

    © All Rights Reserved
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    7 Ansichten2 Seiten

    Test New Rule

    Hochgeladen von

    Ryan Jimenez
    Rule New

    Copyright:

    © All Rights Reserved
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 2

    / ip firewall address-list

    add list="Allowed-Internet" address=172.18.1.0/24 comment="" disabled=no


    / ip firewall address-list
    add list="WAN-01" address=172.18.1.24/32 comment="" disabled=no
    add list="WAN-02" address=172.18.1.76/32 comment="" disabled=no
    / ip firewall nat
    add chain=srcnat action=masquerade out-interface="WAN - 01" src-address-list="Al
    lowed-Internet" comment="Gateway 10.0.1.1/24" disabled=no
    add chain=srcnat action=masquerade out-interface="WAN - 02" src-address-list="Al
    lowed-Internet" comment="Gateway 10.0.2.1/24" disabled=no
    / ip firewall mangle
    add chain=prerouting action=mark-routing new-routing-mark="WAN-01" src-address-l
    ist="WAN-01" passthrough=no comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="WAN-02" src-address-l
    ist="WAN-02" passthrough=no comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="HTTP traffic" passthr
    ough=no dst-port=80 protocol=tcp comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="SSL traffic" passthro
    ugh=no dst-port=443 protocol=tcp comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="POP3 traffic" passthr
    ough=no dst-port=110 protocol=tcp comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="SMTP traffic" passthr
    ough=no dst-port=25 protocol=tcp comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="P2P traffic" passthro
    ugh=no p2p=all-p2p comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="Unknown traffic" pass
    through=no comment="" disabled=no
    / ip route
    add dst-address=0.0.0.0/0 gateway=10.0.1.1
    k="WAN - 01" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.0.2.1
    k="WAN - 02" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.0.2.1
    k="HTTP traffic" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.0.2.1
    k="SSL traffic" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.0.2.1
    k="POP3 traffic" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.0.1.1
    k="SMTP traffic" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.0.1.1
    k="P2P traffic" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.0.1.1
    k="Unknown traffic" comment="" disabled=no

    scope=255 target-scope=10 routing-mar


    scope=255 target-scope=10 routing-mar
    scope=255 target-scope=10 routing-mar
    scope=255 target-scope=10 routing-mar
    scope=255 target-scope=10 routing-mar
    scope=255 target-scope=10 routing-mar
    scope=255 target-scope=10 routing-mar
    scope=255 target-scope=10 routing-mar

    --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ROUTE
    ---------------------------------------------------------------------/ ip firewall address-list
    add list="Allowed-Internet" address=10.29.13.0/24 comment="" disabled=no
    add list="Astinet" address=10.29.13.0/24 comment="" disabled=no

    / ip firewall nat
    add chain=srcnat action=masquerade out-interface="ether13" src-address-list="All
    owed-Internet" comment="Gateway 118.97.111.57" disabled=no
    / ip firewall mangle
    add chain=prerouting action=mark-routing new-routing-mark="Astinet" src-addresslist="Astinet" passthrough=no comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="HTTP traffic" passthr
    ough=no dst-port=80 protocol=tcp comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="SSL traffic" passthro
    ugh=no dst-port=443 protocol=tcp comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="POP3 traffic" passthr
    ough=no dst-port=110 protocol=tcp comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="SMTP traffic" passthr
    ough=no dst-port=587 protocol=tcp comment="" disabled=no
    add chain=prerouting action=mark-routing new-routing-mark="Unknown traffic" pass
    through=no comment="" disabled=no
    / ip route
    add dst-address=0.0.0.0/0 gateway=118.97.111.57 scope=255 target-scope=10 routin
    g-mark="Astinet" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=118.97.111.57 scope=255 target-scope=10 routin
    g-mark="HTTP traffic" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=118.97.111.57 scope=255 target-scope=10 routin
    g-mark="SSL traffic" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=139.0.20.209 scope=255 target-scope=10 routing
    -mark="POP3 traffic" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=139.0.20.209 scope=255 target-scope=10 routing
    -mark="SMTP traffic" comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=118.97.111.57 scope=255 target-scope=10 routin
    g-mark="Unknown traffic" comment="" disabled=no

    ---------------------------------------------------------------------------------------------------------------------------------------------------------------------

    Das könnte Ihnen auch gefallen