实验需求:
1.参考以上拓扑所示,完成以下需求:
1) 配置各设备 IP 地址
2) 配置 ZBFW,Inside-1 和 nside-2 属于内部 Zone,Outside-1 属于外部 Zone
zone security inside
zone security outside
zone-pair security in-2-out source inside destination outside
zone-pair security out-2-in source outside destination inside
interface FastEthernet0/0
ip address 10.1.1.10 255.255.255.0
zone-member security inside
!
interface FastEthernet1/0
ip address 202.100.1.10 255.255.255.0
zone-member security outside
!
interface FastEthernet2/0
ip address 192.168.1.10 255.255.255.0
zone-member security inside
测试:
3) 监控 Outbound 的 TCP/UDP/ICM /DNS
class-map type inspect match-any in-out-any
match protocol tcp
match protocol udp
match protocol ftp
match protocol dns
policy-map type inspect outbound
class type inspect in-out-any
inspect
class class-default
drop
zone-pair security in-2-out source inside destination outside
service-policy type inspect outbound
测试:
4) 针对 Inbound 的 ICMP 流量为 9000bps burst 为 1MB
class-map type inspect match-all inbound
match protocol icmp
policy-map type inspect inbound
class type inspect inbound
inspect
police rate 9000 burst 1000
class class-default
drop
zone-pair security out-2-in source outside destination inside
service-policy type inspect inbound
测试:
5) 监控内部 Zone 的 Telnet/SSH 流
class-map type inspect match-any in-in
match protocol telnet
match protocol ssh
policy-map type inspect in-in
class type inspect in-in
inspect
class class-default
drop
zone-pair security in-in source inside destination inside
service-policy type inspect in-in
测试:
6) 监控 Inbound 到 self 的 Telnet 流
ip access-list extended in-self
permit tcp any host 202.100.1.10 eq telnet
permit tcp any host 10.1.1.10 eq telnet
class-map type inspect match-any telnet
match access-group name in-self
policy-map type inspect telnet
class type inspect telnet
inspect
class class-default
drop
zone-pair security in-self source inside destination self
service-policy type inspect telnet
测试:
)
![[论文阅读] 人工智能 + 软件工程 | 大型语言模型对决传统方法:多语言漏洞修复能力大比拼](http://pic.xiahunao.cn/[论文阅读] 人工智能 + 软件工程 | 大型语言模型对决传统方法:多语言漏洞修复能力大比拼)
