实验环境
摘要拓扑图:
实验拓扑图
设备登录凭据
软路由设备:( GatewayIP: 1-9 )
|
Hostname |
IP Address |
Username/Password |
|
ispct-vyos |
eth0IP: 192.168.31.41/24 eth1IP: 192.168.10.1/24 dns: 192.168.30.191 ospfv2: Route-ID(1.1.1.1/32) |
vyos/123456 |
|
ispcnc-vyos |
eth0IP: 192.168.32.41/24 eth1IP: 192.168.20.1/24 dns: 192.168.30.191 ospfv2: Route-ID(2.2.2.2/32) |
vyos/123456 |
|
ispout-vyos |
eth0IP: 192.168.30.1/24 eth1IP: 192.168.31.1/24 eth2IP: 192.168.32.1/24 dns: 192.168.30.191 ospfv2: Route-ID(3.3.3.3/32) |
vyos/123456 |
应用交付控制器设备:
( ANSIP: 11-19, CLIP: 21-29,
MIP: 31-39, SNIP: 41-49, VIP: 101-149, GSLBsiteIP: 151-159 )
|
Hostname |
IP Address |
Username/Password |
|
ans-ha1 |
ANSIP: 192.168.11.11 Gateway: 192.168.10.1 SNIP: 192.168.10.41 SNIP: 192.168.11.1 TimeZone: GMT+08:00-CST-Asia/Shanghai DNS: 192.168.11.191 NTP: 192.168.11.191 SystemParam: timeout(43200) CliMode: color(on) page(off) timeout(43200) |
ansroot/ansroot |
|
ans-ha2 |
ANSIP: 192.168.11.12 Gateway: 192.168.10.1 SNIP: 192.168.10.42 SNIP: 192.168.11.2 TimeZone: GMT+08:00-CST-Asia/Shanghai DNS: 192.168.11.191 NTP: 192.168.11.191 SystemParam: timeout(43200) CliMode: color(on) page(off) timeout(43200) |
ansroot/ansroot |
|
ans-one |
ANSIP: 192.168.21.11 Gateway: 192.168.20.1 SNIP: 192.168.20.41 SNIP: 192.168.21.1 TimeZone: GMT+08:00-CST-Asia/Shanghai DNS: 192.168.21.191 NTP: 192.168.21.191 SystemParam: timeout(43200) CliMode: color(on) page(off) timeout(43200) |
ansroot/ansroot |
应用服务器:( ServerIP: 51-99 )
|
Hostname |
IP Address |
Username/Password |
|
pub-websvr |
IP: 192.168.30.51/24 GW: 192.168.30.1 DNS1: 192.168.30.191 nginx: www.pub-websvr.com mariadb: root/qwe123 |
root/123456 |
|
rs-websvr1 |
IP: 192.168.21.51/24 GW: 192.168.21.1 DNS1: 192.168.21.191 nginx: www.rs-websvr1.com mariadb: root/qwe123 |
root/123456 |
|
rs-clamav |
IP: 192.168.21.52/24 GW: 192.168.21.1 DNS1: 192.168.21.191 nginx: www.rs-clamav.com mariadb: root/qwe123 snort: snort/123456 clamav: clamav/123456 squid: clamav/qwe123 |
root/123456 |
|
dsr-websvr1 |
IP: 192.168.10.51/24 GW: 192.168.10.1 DNS1: 192.168.30.191 nginx: www.dsr-websvr1.com mariadb: root/qwe123 |
root/123456 |
|
ms-websvr1 |
IP: 192.168.11.51/24 GW: 192.168.11.1 DNS1: 192.168.11.191 nginx: www.ms-websvr1.com mariadb: root/qwe123 |
root/123456 |
|
ms-websvr2 |
IP: 192.168.11.52/24 GW: 192.168.11.1 DNS1: 192.168.11.191 nginx: www.ms-websvr2.com mariadb: root/qwe123 |
root/123456 |
|
ms-websvr3 |
IP: 192.168.11.53/24 GW: 192.168.11.1 DNS1: 192.168.11.191 nginx: www.ms-websvr3.com mariadb: root/qwe123 |
root/123456 |
|
ms-webgoat |
IP: 192.168.11.61/24 GW: 192.168.11.1 DNS1: 192.168.11.191 nginx: www.ms-webgoat.com mariadb: root/qwe123 webgot: http://ip:8080/webgoat/login.mvc |
root/123456 |
Windows Desktop客户端:( ClientIP: 201-209 )
|
Hostname |
IP Address |
Username/Password |
|
Manage-Win7 |
-------------------------------------- IP: xxx.xxx.xxx.225/24 GW: xxx.xxx.xxx.1 DNS1: 8.8.8.8 DNS2: 4.2.2.1 -------------------------------------- IP: 192.168.30.225/24 GW: 192.168.30.1 DNS1: 192.168.30.191 -------------------------------------- IP: 192.168.11.225/24 GW: 192.168.30.1 DNS1: 192.168.11.191 -------------------------------------- IP: 192.168.21.225/24 GW: 192.168.30.1 DNS1: 192.168.21.191 -------------------------------------- |
Administrator/123456 TestUser01/123456 TestUser02/123456 TestUser03/123456 |
|
Public-Win7 |
-------------------------------------- IP: 192.168.30.201/24 GW: 192.168.30.1 DNS1: 192.168.30.191 -------------------------------------- |
Administrator/123456 TestUser01/123456 TestUser02/123456 TestUser03/123456 |
|
Private-Win7 |
-------------------------------------- IP: 192.168.11.201/24 GW: 192.168.11.1 DNS1: 192.168.11.191 -------------------------------------- |
Administrator/123456 TestUser01/123456 TestUser02/123456 TestUser03/123456 |
Windows Server 服务器:( ServerIP: 191-199 )
|
Hostname |
IP Address |
Username/Password |
|
ADNS-Win2008R2 |
IP: 192.168.30.191/24 GW: 192.168.30.1 DNS1: 127.0.0.1 DNSService – DNS_domain: testadp.com DHCPService: 192.168.30.91-99 192.168.10.91-99 192.168.20.91-99 CAService: http://ip/certsrv/default.asp |
Administrator/123456 |
|
MDNS-Win2008R2 |
IP: 192.168.11.191/24 GW: 192.168.11.1 DNS1: 127.0.0.1 ADService – AD_FQDN: mtestadp.com AD_NetBIOS: MTESTADP AD_Pass: testadp ADUsers – adpadmin/adpadmin adpuser01/adpuser01 adpuser02/adpuser02 adpuser03/adpuser03 DNSService – DNS_domain: mtestadp.com DHCPService: 192.168.11.91-192.168.11.99 CAService: http://ip/certsrv/default.asp |
Administrator/123456 |
|
RDNS-Win2008R2 |
-------------------------------------- IP: 192.168.21.191/24 GW: 192.168.21.1 DNS1: 127.0.0.1 -------------------------------------- ADService – AD_FQDN: rtestadp.com AD_NetBIOS: RTESTADP AD_Pass: testadp ADUsers – adpadmin/adpadmin adpuser01/adpuser01 adpuser02/adpuser02 adpuser03/adpuser03 DNSService – DNS_domain: rtestadp.com DHCPService: 192.168.21.91-192.168.21.99 CAService: http://ip/certsrv/default.asp |
Administrator/123456 |
Template模版机:( ManageIP: 211-219 )
|
Hostname |
IP Address |
Username/Password |
|
Client-Win7 |
IP: xxx.xxx.xxx.211/24 GW: xxx.xxx.xxx.1 DNS1: 8.8.8.8 DNS2: 4.2.2.1 |
Administrator/123456 |
|
Svr-Win2008R2 |
IP: xxx.xxx.xxx.212/24 GW: xxx.xxx.xxx.1 DNS1: 8.8.8.8 DNS2: 4.2.2.1 |
Administrator/123456 |
|
tpls-websvr |
IP: xxx.xxx.xxx.213/24 GW: xxx.xxx.xxx.1 DNS1: 8.8.8.8 DNS2: 4.2.2.1 nginx: www.tpls-websvr.com mariadb: root/qwe123 |
root/123456 |
VMware ESXI 宿主机:( ManageIP: 221-229 )
|
Hostname |
IP Address |
Username/Password |
|
localhost |
IP: xxx.xxx.xxx.229/24 GW: xxx.xxx.xxx.1 DNS1: 8.8.8.8 DNS2: 4.2.2.1 |
root/xxxxxx |
路由设置:
vyos@ispout-vyos:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
eth0 192.168.30.1/24 u/u
eth1 192.168.31.1/24 u/u
eth2 192.168.32.1/24 u/u
eth3 192.168.50.1/24 u/u
eth4 172.16.205.221/24 u/u
lo 127.0.0.1/8 u/u
1.1.1.1/32
::1/128
vyos@ispout-vyos:~$
vyos@ispout-vyos:~$
vyos@ispout-vyos:~$ show configuration all
firewall {
all-ping enable
broadcast-ping disable
config-trap disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name OUTSIDE-IN {
default-action drop
rule 10 {
action accept
state {
established enable
related enable
}
}
}
name OUTSIDE-LOCAL {
default-action drop
rule 10 {
action accept
state {
established enable
related enable
}
}
rule 20 {
action accept
icmp {
type-name echo-request
}
protocol icmp
state {
new enable
}
}
rule 30 {
action drop
destination {
port 22
}
protocol tcp
recent {
count 4
time 60
}
state {
new enable
}
}
rule 31 {
action accept
destination {
port 22
}
protocol tcp
state {
new enable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
twa-hazards-protection disable
}
interfaces {
ethernet eth0 {
address 192.168.30.1/24
duplex auto
hw-id 00:0c:29:64:f1:9f
smp_affinity auto
speed auto
}
ethernet eth1 {
address 192.168.31.1/24
duplex auto
hw-id 00:0c:29:64:f1:a9
smp_affinity auto
speed auto
}
ethernet eth2 {
address 192.168.32.1/24
duplex auto
hw-id 00:0c:29:64:f1:b3
smp_affinity auto
speed auto
}
ethernet eth3 {
address 192.168.50.1/24
duplex auto
hw-id 00:0c:29:64:f1:bd
smp_affinity auto
speed auto
}
ethernet eth4 {
address 172.16.205.221/24
duplex auto
hw-id 00:0c:29:64:f1:c7
smp_affinity auto
speed auto
}
loopback lo {
address 1.1.1.1/32
}
}
nat {
destination {
rule 100 {
destination {
address 172.16.205.221
port 9075
}
inbound-interface eth4
protocol tcp
translation {
address 192.168.10.45
port 22
}
}
rule 101 {
destination {
address 172.16.205.221
port 9076
}
inbound-interface eth4
protocol tcp
translation {
address 192.168.10.45
port 443
}
}
}
source {
rule 100 {
outbound-interface eth4
source {
address 192.168.30.0/24
}
translation {
address masquerade
}
}
rule 101 {
outbound-interface eth4
source {
address 192.168.31.0/24
}
translation {
address masquerade
}
}
rule 102 {
outbound-interface eth4
source {
address 192.168.32.0/24
}
translation {
address masquerade
}
}
rule 103 {
outbound-interface eth4
source {
address 192.168.50.0/24
}
translation {
address masquerade
}
}
rule 104 {
outbound-interface eth4
source {
address 192.168.10.0/24
}
translation {
address masquerade
}
}
rule 105 {
outbound-interface eth4
source {
address 192.168.20.0/24
}
translation {
address masquerade
}
}
}
}
policy {
route-map CONNECT {
rule 10 {
action permit
match {
interface lo
}
}
}
}
protocols {
ospf {
area 0 {
network 192.168.30.0/24
network 192.168.31.0/24
network 192.168.32.0/24
network 192.168.50.0/24
}
default-information {
originate {
always
metric 10
metric-type 2
}
}
parameters {
abr-type cisco
router-id 1.1.1.1
}
redistribute {
connected {
metric-type 2
route-map CONNECT
}
}
}
static {
route 0.0.0.0/0 {
next-hop 172.16.205.254 {
}
}
}
}
service {
dhcp-server {
disabled false
shared-network-name LAN30 {
authoritative disable
subnet 192.168.30.0/24 {
default-router 192.168.30.1
dns-server 192.168.30.1
domain-name internal-network-30
lease 86400
start 192.168.30.11 {
stop 192.168.30.19
}
}
}
shared-network-name LAN31 {
authoritative disable
subnet 192.168.31.0/24 {
default-router 192.168.31.1
dns-server 192.168.31.1
domain-name internal-network-31
lease 86400
start 192.168.31.11 {
stop 192.168.31.19
}
}
}
shared-network-name LAN32 {
authoritative disable
subnet 192.168.32.0/24 {
default-router 192.168.32.1
dns-server 192.168.32.1
domain-name internal-network-32
lease 86400
start 192.168.32.11 {
stop 192.168.32.19
}
}
}
shared-network-name LAN50 {
authoritative disable
subnet 192.168.50.0/24 {
default-router 192.168.50.1
dns-server 192.168.50.1
domain-name internal-network-50
lease 86400
start 192.168.50.11 {
stop 192.168.50.19
}
}
}
}
dns {
forwarding {
cache-size 0
listen-on eth0
listen-on eth1
listen-on eth2
listen-on eth3
name-server 8.8.8.8
name-server 4.2.2.1
name-server 192.168.30.191
}
}
ssh {
port 22
}
}
system {
config-management {
commit-revisions 20
}
console {
device ttyS0 {
speed 9600
}
}
host-name ispout-vyos
login {
user vyos {
authentication {
encrypted-password ****************
plaintext-password ****************
}
level admin
}
}
name-server 8.8.8.8
name-server 192.168.30.191
ntp {
server 0.pool.ntp.org {
}
server 1.pool.ntp.org {
}
server 2.pool.ntp.org {
}
}
options {
ctrl-alt-del-action ignore
reboot-on-panic true
}
package {
auto-sync 1
repository community {
components main
distribution helium
password ****************
url http://packages.vyos.net/vyos
username ""
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
user all {
facility all {
level emerg
}
}
}
time-zone Asia/Shanghai
}
vyos@ispout-vyos:~$
vyos@ispct-vyos:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
eth0 192.168.31.41/24 u/u
eth1 192.168.10.1/24 u/u
eth2 - u/u
lo 127.0.0.1/8 u/u
2.2.2.2/32
::1/128
vyos@ispct-vyos:~$
vyos@ispct-vyos:~$ show configuration all
firewall {
all-ping enable
broadcast-ping disable
config-trap disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name OUTSIDE-IN {
default-action drop
rule 10 {
action accept
state {
established enable
related enable
}
}
}
name OUTSIDE-LOCAL {
default-action drop
rule 10 {
action accept
state {
established enable
related enable
}
}
rule 20 {
action accept
icmp {
type-name echo-request
}
protocol icmp
state {
new enable
}
}
rule 30 {
action drop
destination {
port 22
}
protocol tcp
recent {
count 4
time 60
}
state {
new enable
}
}
rule 31 {
action accept
destination {
port 22
}
protocol tcp
state {
new enable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
twa-hazards-protection disable
}
interfaces {
ethernet eth0 {
address 192.168.31.41/24
duplex auto
hw-id 00:0c:29:b9:b0:69
smp_affinity auto
speed auto
}
ethernet eth1 {
address 192.168.10.1/24
duplex auto
hw-id 00:0c:29:b9:b0:73
smp_affinity auto
speed auto
}
ethernet eth2 {
duplex auto
hw-id 00:0c:29:b9:b0:7d
smp_affinity auto
speed auto
}
loopback lo {
address 2.2.2.2/32
}
}
policy {
route-map CONNECT {
rule 10 {
action permit
match {
interface lo
}
}
}
}
protocols {
ospf {
area 0 {
network 192.168.10.0/24
network 192.168.31.0/24
}
parameters {
abr-type cisco
router-id 2.2.2.2
}
redistribute {
connected {
metric-type 2
route-map CONNECT
}
}
}
static {
route 0.0.0.0/0 {
next-hop 192.168.31.1 {
}
}
}
}
service {
dhcp-server {
disabled false
shared-network-name LAN10 {
authoritative disable
subnet 192.168.10.0/24 {
default-router 192.168.10.1
dns-server 192.168.10.1
domain-name internal-network-10
lease 86400
start 192.168.10.11 {
stop 192.168.10.19
}
}
}
}
dns {
forwarding {
cache-size 0
listen-on eth1
listen-on eth2
name-server 8.8.8.8
name-server 4.2.2.1
name-server 192.168.30.191
}
}
ssh {
port 22
}
}
system {
config-management {
commit-revisions 20
}
console {
device ttyS0 {
speed 9600
}
}
host-name ispct-vyos
login {
user vyos {
authentication {
encrypted-password ****************
plaintext-password ****************
}
level admin
}
}
name-server 8.8.8.8
name-server 192.168.30.191
ntp {
server 0.pool.ntp.org {
}
server 1.pool.ntp.org {
}
server 2.pool.ntp.org {
}
}
options {
ctrl-alt-del-action ignore
reboot-on-panic true
}
package {
auto-sync 1
repository community {
components main
distribution helium
password ****************
url http://packages.vyos.net/vyos
username ""
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
user all {
facility all {
level emerg
}
}
}
time-zone Asia/Shanghai
}
vyos@ispct-vyos:~$
vyos@ispcnc-vyos:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
eth0 192.168.32.41/24 u/u
eth1 192.168.20.1/24 u/u
eth2 - u/u
lo 127.0.0.1/8 u/u
3.3.3.3/32
::1/128
vyos@ispcnc-vyos:~$
vyos@ispcnc-vyos:~$ show configuration all
firewall {
all-ping enable
broadcast-ping disable
config-trap disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name OUTSIDE-IN {
default-action drop
rule 10 {
action accept
state {
established enable
related enable
}
}
}
name OUTSIDE-LOCAL {
default-action drop
rule 10 {
action accept
state {
established enable
related enable
}
}
rule 20 {
action accept
icmp {
type-name echo-request
}
protocol icmp
state {
new enable
}
}
rule 30 {
action drop
destination {
port 22
}
protocol tcp
recent {
count 4
time 60
}
state {
new enable
}
}
rule 31 {
action accept
destination {
port 22
}
protocol tcp
state {
new enable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
twa-hazards-protection disable
}
interfaces {
ethernet eth0 {
address 192.168.32.41/24
duplex auto
hw-id 00:0c:29:9a:28:eb
smp_affinity auto
speed auto
}
ethernet eth1 {
address 192.168.20.1/24
duplex auto
hw-id 00:0c:29:9a:28:f5
smp_affinity auto
speed auto
}
ethernet eth2 {
duplex auto
hw-id 00:0c:29:9a:28:ff
smp_affinity auto
speed auto
}
loopback lo {
address 3.3.3.3/32
}
}
policy {
route-map CONNECT {
rule 10 {
action permit
match {
interface lo
}
}
}
}
protocols {
ospf {
area 0 {
network 192.168.20.0/24
network 192.168.32.0/24
}
parameters {
abr-type cisco
router-id 3.3.3.3
}
redistribute {
connected {
metric-type 2
route-map CONNECT
}
}
}
static {
route 0.0.0.0/0 {
next-hop 192.168.32.1 {
}
}
}
}
service {
dhcp-server {
disabled false
shared-network-name LAN20 {
authoritative disable
subnet 192.168.20.0/24 {
default-router 192.168.20.1
dns-server 192.168.20.1
domain-name internal-network-20
lease 86400
start 192.168.20.11 {
stop 192.168.20.19
}
}
}
}
dns {
forwarding {
cache-size 0
listen-on eth1
listen-on eth2
name-server 8.8.8.8
name-server 4.2.2.1
name-server 192.168.30.191
}
}
ssh {
port 22
}
}
system {
config-management {
commit-revisions 20
}
console {
device ttyS0 {
speed 9600
}
}
host-name ispcnc-vyos
login {
user vyos {
authentication {
encrypted-password ****************
plaintext-password ****************
}
level admin
}
}
name-server 8.8.8.8
name-server 192.168.30.191
ntp {
server 0.pool.ntp.org {
}
server 1.pool.ntp.org {
}
server 2.pool.ntp.org {
}
}
options {
ctrl-alt-del-action ignore
reboot-on-panic true
}
package {
auto-sync 1
repository community {
components main
distribution helium
password ****************
url http://packages.vyos.net/vyos
username ""
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
user all {
facility all {
level emerg
}
}
}
time-zone Asia/Shanghai
}
vyos@ispcnc-vyos:~$
管理客户端设置:
[c:~]$ ipconfig /all
Windows IP 配置
主机名 . . . . . . . . . . . . . : Manage-Win7
主 DNS 后缀 . . . . . . . . . . . :
节点类型 . . . . . . . . . . . . : 混合
IP 路由已启用 . . . . . . . . . . : 否
WINS 代理已启用 . . . . . . . . . : 否
以太网适配器 Tester Network:
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection #5
?锢淼刂? . . . . . . . . . . . . : 00-0C-29-57-FA-46
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
本地链接 IPv6 地址. . . . . . . . : fe80::9906:a9b3:e9a6:42d2%20(首选)
IPv4 地址 . . . . . . . . . . . . : 192.168.50.225(首选)
子网掩码 . . . . . . . . . . . . : 255.255.255.0
默认网关. . . . . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 520096809
DHCPv6 客户端 DUID . . . . . . . : 00-01-00-01-20-ED-F8-48-00-0C-29-57-FA-1E
DNS 服务器 . . . . . . . . . . . : 192.168.50.191
192.168.50.1
TCPIP 上的 NetBIOS . . . . . . . : 已启用
以太网适配器 Public Network:
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection #4
物理地址. . . . . . . . . . . . . : 00-0C-29-57-FA-3C
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
本地链接 IPv6 地址. . . . . . . . : fe80::e500:d68c:353:3eaa%17(首选)
IPv4 地址 . . . . . . . . . . . . : 192.168.30.225(首选)
子网掩码 . . . . . . . . . . . . : 255.255.255.0
默认网关. . . . . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 452987945
DHCPv6 客户端 DUID . . . . . . . : 00-01-00-01-20-ED-F8-48-00-0C-29-57-FA-1E
DNS 服务器 . . . . . . . . . . . : 192.168.30.191
192.168.30.1
TCPIP 上的 NetBIOS . . . . . . . : 已启用
以太网适配器 ISP CT Network:
连接特定的 DNS 后??. . . . . . . :
描述. . . . . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection #3
物理地址. . . . . . . . . . . . . : 00-0C-29-57-FA-28
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
本地链接 IPv6 地址. . . . . . . . : fe80::ae:375c:73bb:7d89%14(首选)
IPv4 地址 . . . . . . . . . . . . : 192.168.11.225(首选)
子网掩码 . . . . . . . . . . . . : 255.255.255.0
默认网关. . . . . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 369101865
DHCPv6 客户端 DUID . . . . . . . : 00-01-00-01-20-ED-F8-48-00-0C-29-57-FA-1E
DNS 服务器 . . . . . . . . . . . : 192.168.11.191
192.168.30.191
TCPIP 上的 NetBIOS . . . . . . . : 已启用
以太网适配器 ISP CNC Network:
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection #2
物理地址. . . . . . . . . . . . . : 00-0C-29-57-FA-32
DHCP 已启用 . . . . . . . . . . . : ??
自动配置已启用. . . . . . . . . . : 是
本地链接 IPv6 地址. . . . . . . . : fe80::f4e6:e45d:703b:b4c2%13(首选)
IPv4 地址 . . . . . . . . . . . . : 192.168.21.225(首选)
子网掩码 . . . . . . . . . . . . : 255.255.255.0
默认网关. . . . . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 318770217
DHCPv6 客户端 DUID . . . . . . . : 00-01-00-01-20-ED-F8-48-00-0C-29-57-FA-1E
DNS 服务器 . . . . . . . . . . . : 192.168.21.191
192.168.30.191
TCPIP 上的 NetBIOS . . . . . . . : 已启用
以太网适配器 Manage Network:
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
物理地址. . . . . . . . . . . . . : 00-0C-29-57-FA-1E
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
本地链接 IPv6 地址. . . . . . . . : fe80::d812:17bf:769d:9501%12(首选)
IPv4 地址 . . . . . . . . . . . . : 172.16.205.225(首选)
子网掩码 . . . . . . . . . . . . : 255.255.255.0
默认网关. . . . . . . . . . . . . : 172.16.205.254
DHCPv6 IAID . . . . . . . . . . . : 251661353
DHCPv6 客户端 DUID . . . . . . . : 00-01-00-01-20-ED-F8-48-00-0C-29-57-FA-1E
DNS 服务器 . . . . . . . . . . . : 8.8.8.8
4.2.2.1
TCPIP 上的 NetBIOS . . . . . . . : 已启用
隧道适配器 isatap.{98131348-37BA-4DB6-8696-F11454B2BB4E}:
媒体状态 . . . . . . . . . . . . : 媒体已断开
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Microsoft ISATAP Adapter
物理地址. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
隧道适配器 本地连接* 11:
媒体状态 . . . . . . . . . . . . : 媒体已断开
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
物理地址. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
隧道适配器 isatap.{2314BED2-5791-46B5-AC0E-95AFAB941404}:
媒体状态 . . . . . . . . . . . . : 媒?逡讯峡?
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Microsoft ISATAP Adapter #2
物理地?? . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
隧道适配器 isatap.{068FFB88-2095-461A-998E-4E8663434A59}:
媒体状态 . . . . . . . . . . . . : 媒体已断开
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Microsoft ISATAP Adapter #3
物理地址. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
隧道适配器 isatap.{F3218EE1-631D-4D2C-A787-653461F3AD44}:
媒体状态 . . . . . . . . . . . . : 媒体已断开
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Microsoft ISATAP Adapter #4
物理地址. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
隧道适配器 isatap.{C85B4EED-4F92-4207-AED1-0826A8D281FC}:
媒体状态 . . . . . . . . . . . . : 媒体已断开
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Microsoft ISATAP Adapter #5
物理地址. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
[c:~]$
[c:~]$ route print
===========================================================================
接口列表
20...00 0c 29 57 fa 46 ......Intel(R) PRO/1000 MT Network Connection #5
17...00 0c 29 57 fa 3c ......Intel(R) PRO/1000 MT Network Connection #4
14...00 0c 29 57 fa 28 ......Intel(R) PRO/1000 MT Network Connection #3
13...00 0c 29 57 fa 32 ......Intel(R) PRO/1000 MT Network Connection #2
12...00 0c 29 57 fa 1e ......Intel(R) PRO/1000 MT Network Connection
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================
IPv4 路由表
===========================================================================
活动路由:
网络目标 网络掩码 网关 接口 跃点数
0.0.0.0 0.0.0.0 172.16.205.254 172.16.205.225 266
127.0.0.0 255.0.0.0 在链路上 127.0.0.1 306
127.0.0.1 255.255.255.255 在链路上 127.0.0.1 306
127.255.255.255 255.255.255.255 在链路上 127.0.0.1 306
172.16.205.0 255.255.255.0 在链路上 172.16.205.225 266
172.16.205.225 255.255.255.255 在链路上 172.16.205.225 266
172.16.205.255 255.255.255.255 在链路上 172.16.205.225 266
192.168.10.0 255.255.255.0 192.168.30.1 192.168.30.225 11
192.168.11.0 255.255.255.0 在链路上 192.168.11.225 266
192.168.11.0 255.255.255.0 192.168.11.1 192.168.11.225 11
192.168.11.225 255.255.255.255 在链路上 192.168.11.225 266
192.168.11.255 255.255.255.255 在链路上 192.168.11.225 266
192.168.20.0 255.255.255.0 192.168.30.1 192.168.30.225 11
192.168.21.0 255.255.255.0 在链路上 192.168.21.225 266
192.168.21.0 255.255.255.0 192.168.21.1 192.168.21.225 11
192.168.21.225 255.255.255.255 在链路上 192.168.21.225 266
192.168.21.255 255.255.255.255 在链路上 192.168.21.225 266
192.168.30.0 255.255.255.0 在链路上 192.168.30.225 266
192.168.30.0 255.255.255.0 192.168.30.1 192.168.30.225 11
192.168.30.225 255.255.255.255 在链路上 192.168.30.225 266
192.168.30.255 255.255.255.255 在链路上 192.168.30.225 266
192.168.31.0 255.255.255.0 192.168.30.1 192.168.30.225 11
192.168.32.0 255.255.255.0 192.168.30.1 192.168.30.225 11
192.168.50.0 255.255.255.0 在链路上 192.168.50.225 266
192.168.50.0 255.255.255.0 192.168.50.1 192.168.50.225 11
192.168.50.225 255.255.255.255 在链路上 192.168.50.225 266
192.168.50.255 255.255.255.255 在链路上 192.168.50.225 266
224.0.0.0 240.0.0.0 在链路上 127.0.0.1 306
224.0.0.0 240.0.0.0 在链路上 172.16.205.225 266
224.0.0.0 240.0.0.0 在链路上 192.168.11.225 266
224.0.0.0 240.0.0.0 在链路上 192.168.21.225 266
224.0.0.0 240.0.0.0 在链路上 192.168.30.225 266
224.0.0.0 240.0.0.0 在链路上 192.168.50.225 266
255.255.255.255 255.255.255.255 在链路上 127.0.0.1 306
255.255.255.255 255.255.255.255 在链路上 172.16.205.225 266
255.255.255.255 255.255.255.255 在链路上 192.168.11.225 266
255.255.255.255 255.255.255.255 在链路上 192.168.21.225 266
255.255.255.255 255.255.255.255 在链路上 192.168.30.225 266
255.255.255.255 255.255.255.255 在链路上 192.168.50.225 266
===========================================================================
永久路由:
网络地址 网络掩码 网关地址 跃点数
192.168.30.0 255.255.255.0 192.168.30.1 1
192.168.31.0 255.255.255.0 192.168.30.1 1
192.168.32.0 255.255.255.0 192.168.30.1 1
192.168.50.0 255.255.255.0 192.168.50.1 1
192.168.10.0 255.255.255.0 192.168.30.1 1
192.168.20.0 255.255.255.0 192.168.30.1 1
192.168.21.0 255.255.255.0 192.168.21.1 1
192.168.11.0 255.255.255.0 192.168.11.1 1
0.0.0.0 0.0.0.0 172.16.205.254 默认
===========================================================================
IPv6 路由表
===========================================================================
活动路由:
如果跃点数网络目标 网关
1 306 ::1/128 在链路上
12 266 fe80::/64 在链路上
14 266 fe80::/64 在链路上
13 266 fe80::/64 在链路上
17 266 fe80::/64 在链路上
20 266 fe80::/64 在链路上
14 266 fe80::ae:375c:73bb:7d89/128
在链路上
20 266 fe80::9906:a9b3:e9a6:42d2/128
在链路上
12 266 fe80::d812:17bf:769d:9501/128
在链路上
17 266 fe80::e500:d68c:353:3eaa/128
在链路上
13 266 fe80::f4e6:e45d:703b:b4c2/128
在链路上
1 306 ff00::/8 在链?飞?
12 266 ff00::/8 在链路上
14 266 ff00::/8 在链路上
13 266 ff00::/8 在链路上
17 266 ff00::/8 在链路上
20 266 ff00::/8 在链路上
===========================================================================
永久路由:
无
[c:~]$
AppFwErrorPage.html
<html> <title>Application Firewall Block Page</title> <body> <h1><B>your request has been blocked by a security policy</B></h> <H3>Access has been blocked- if you feel this is in an error, please contact the site administrators quoting the following:</H3> <li>System Transaction ID:${NS_TRANSACTION_ID}: <li>AppFW Session ID: ${NS_APPFW_SESSION_ID}: <li>Violation Category: ${NS_APPFW_VIOLATION_CATEGORY}: <li>Violation Details:${NS_APPFW_VIOLATION_LOG}: </body> </html>
====================== End