Section 6: Security
6.1 TCP/UDP flooding
acl 3000
rule 5 deny tcp destination-port eq 135
rule 10 deny tcp destination-port eq 139
rule 15 deny und destination-port eq 445
interface g0/0/1
traffic-filter inbound acl 3000
6.2 Strom-control
interface s1/0/0
strom-control multicast min-rate 1000 max-rate 2000
strom-control interval 60
strom-control action block
strom-control enable log
6.3 访问控制
time-range offwork 23:00 to 00:00 workday
time-range offwork 00:00 to 07:00 workday
acl 2000
rule 5 permit source 10.1.10.100
rule 10 deny source 10.1.10.0 0.0.0.255 time-range offwork
interface g0/0/1
traffic-filter inbound acl 2000