YAMAHA RT シリーズ ポートを閉じる方法


Last update 2011.06.12

login password *
administrator password *
security class 2 off off
console columns 200
console lines infinity
pp line l128

ip filter 1 reject 192.168.0.0/16 * * * *
ip filter 2 reject 172.16.0.0/12 * * * *
ip filter 3 reject 10.0.0.0/8 * * * *
ip filter 4 reject 127.0.0.1 * * * *
ip filter 5 reject 210.145.140.144/28 * * * *

ip filter 10 reject * 210.145.140.145 tcp,udp * 23,80
ip filter 11 reject * 210.145.140.146 tcp,udp * 23

ip filter 30 pass 210.145.140.146 * tcp,udp 25,53,80 *

ip filter 40 reject * * udp,tcp * 1,7,11,15,43,67,69,70,79,87
ip filter 41 reject * * udp,tcp * 95,109,111,144,161-162,177,220,512-515,517-518,520
ip filter 42 reject * * udp,tcp * 540,1025,2000,2049,2766,6000-6999,8080
ip filter 43 reject * * udp,tcp * 137-139,445,568-569,1433-1434,1477-1478,1512,1755,1801,2393-2394,2525
ip filter 44 reject * * udp,tcp * 3268-3269,3389,31337
ip filter 45 reject * * udp,tcp * 5631-5632
ip filter 46 reject * * icmp-info * *

ip filter 60 pass-log * 210.145.140.159 * * *
ip filter 61 pass-log * 210.145.140.144 * * *
ip filter 62 pass-log * 210.145.140.145 * * *
ip filter 63 pass * 210.145.140.146 * * *

ip filter 80 reject * * udp,tcp 1,7,11,15,43,67,69,70,79,87 *
ip filter 81 reject * * udp,tcp 95,109,111,144,161-162,177,220,512-515,517-518,520 *
ip filter 82 reject * * udp,tcp 540,1025,2000,2049,2766,6000-6999,8080 *
ip filter 83 reject * * udp,tcp 137-139,445,568-569,1433-1434,1477-1478,1512,1755,1801,2393-2394,2525 *
ip filter 84 reject * * udp,tcp 3268-3269,3389,31337 *
ip filter 85 reject * * udp,tcp 5631-5632 *

ip filter 100 pass * * * * *

ip filter source-route on
ip filter directed-broadcast on
ip lan address 210.145.140.145/28
ip lan routing protocol none

pp select leased
ip pp route add net default 1
ip pp secure filter in 1 2 3 4 5 10 11 40 41 42 43 44 45 46 60 61 62 63
ip pp secure filter out 1 2 3 4 30 40 41 42 43 44 45 80 81 82 83 84 85 100
pp enable leased
syslog host 210.145.140.146
syslog notice on
dns server 210.145.140.146
dns domain ripe.co.jp
dns syslog resolv on
schedule at */* 04:00 leased ntpdate 210.145.140.146

back.gif (1980 バイト)

home.gif (1907 バイト)

Copyright © MURA All rights reserved.