s6503配置访问控制列表防范冲击波等蠕虫

rule 1 deny tcp destination-port eq 135
rule 2 deny udp destination-port eq 135
rule 3 deny tcp destination-port eq 136
rule 4 deny udp destination-port eq 136
rule 5 deny tcp destination-port eq 137
rule 6 deny udp destination-port eq netbios-ns
rule 7 deny tcp destination-port eq 138
rule 8 deny udp destination-port eq netbios-dgm
rule 9 deny tcp destination-port eq 139
rule 10 deny udp destination-port eq netbios-ssn
rule 11 deny tcp destination-port eq 445
rule 12 deny udp destination-port eq 445
rule 13 deny tcp destination-port eq 593
rule 14 deny udp destination-port eq 593
rule 15 deny udp destination-port eq tftp
rule 16 deny tcp destination-port eq 4444
rule 17 deny udp destination-port eq 1434
rule 18 deny tcp destination-port eq 5554
rule 19 deny udp destination-port eq 5554
rule 20 deny tcp destination-port eq 9995
rule 21 deny udp destination-port eq 9995
rule 22 deny tcp destination-port eq 9996



网友:


只要端口号没错就行了，命令都是一样的。好象常见的就是那些了吧。
rule 23 deny udp destination-port eq 9996