配置愛快路由器的ACL規(guī)則

id=1 enabled=yes comment=阻止訪問路由 action=drop dir=input ctdir=0 iinterface=any ointerface=any src_addr= dst_addr= protocol=any src_port= dst_port= week=1234567 time=00:00-23:59
id=2 enabled=yes comment=限制端口映射 action=drop dir=forward ctdir=1 iinterface=any ointerface=any src_addr= dst_addr= protocol=any src_port= dst_port= week=1234567 time=00:00-23:59
id=3 enabled=yes comment=允許ICMP action=accept dir=input ctdir=0 iinterface=any ointerface=any src_addr= dst_addr= protocol=icmp src_port= dst_port= week=1234567 time=00:00-23:59
id=4 enabled=yes comment=內(nèi)網(wǎng)要DNS來上網(wǎng) action=accept dir=input ctdir=0 iinterface=any ointerface=any src_addr= dst_addr= protocol=udp src_port=53 dst_port= week=1234567 time=00:00-23:59
id=5 enabled=yes comment=可上網(wǎng)的內(nèi)網(wǎng)IP action=accept dir=forward ctdir=1 iinterface=any ointerface=any src_addr=192.168.0.0-192.168.255.255 dst_addr= protocol=any src_port= dst_port= week=1234567 time=00:00-23:59
id=6 enabled=yes comment=允許管理路由器 action=accept dir=input ctdir=0 iinterface=any ointerface=any src_addr=106.111.0.0-106.111.255.255,39.172.91.235,115.218.0.0-115.218.255.255,192.168.0.0-192.168.255.255 dst_addr= protocol=any src_port= dst_port= week=1234567 time=00:00-23:59
id=7 enabled=yes comment=允許訪問端口映射 action=accept dir=forward ctdir=1 iinterface=any ointerface=any src_addr=106.111.0.0-106.111.255.255,39.172.91.235,115.218.0.0-115.218.255.255 dst_addr= protocol=any src_port= dst_port= week=1234567 time=00:00-23:59

保存成acl.txt導(dǎo)入策略即可

總結(jié)

以上是生活随笔為你收集整理的配置爱快路由器的ACL规则的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。