tailieunhanh - Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT, and filter - part10

Đây là thiết lập cơ bản cho QoS. Để biết thêm thông tin về HTB có thể được tìm thấy tại ~ devik / qos / HTB / dẫn sử dụng / . Ví dụ: Một ISP nhỏ tiêu biểu? Thuật ngữ "điển hình" có thể không được rất thích hợp khi | Chapter 8 if message ne use Net Telnet Cisco my session Net Telnet Cisco- new Host IP Port 2605 Timeout 20 Errmode fail ok session- cmd String p Prompt bgpd ok session- cmd String enable Prompt assword Timeout 20 ok session- cmd String p Prompt bgpd Timeout 20 ok session- cmd String conf t Timeout 20 Prompt bgpd config for i 0 i add2bgp i key add2bgp i ok session- cmd String access-list flood permit key 32 exact-match Timeout 20 Prompt bgpd config ok session- cmd String router bgp 65000 Timeout 20 Prompt bgpd config -router ok session- cmd String network key 32 Timeout 20 Prompt bgpd config -router ok session- cmd String exit Timeout 20 Prompt bgpd config ok session- cmd String exit Timeout 20 Prompt bgpd ok session- cmd String clear ip bgp bgp_peer out Timeout 20 Prompt bgpd ok session- cmd String wr me Timeout 20 249 Large Networks Case Studies Prompt bgpd ok session- cmd String exit Timeout 20 session- close This Perl script runs every 20 seconds from crontab and captures flows from the defined interface. If any host other than the ones in the exception list has a traffic of more than 6500 PPS defined in threshold then the destination IP address is filtered. City-1 Firewall for Business-Critical Voice Equipment The City-1 network contains servers that store very sensitive data which in the wrong hands could be very bad for business. A very fast example of how sensitive the data is would be calling cards details stored in the database of the VoIP billing system. If someone gains access to the database server of the VoIP billing system they can use the calling cards that are already on the market the company must redraw all those cards cancel them and generate others for market distribution. This would generate thousands of USD loss for the business. 250 Chapter 8 From the security point of view the City-1 network looks like this 2nd line of defense PGW 2200 PGW 2200 1st line of defense Radius Open h323 gk Cisco AS5350 Cisco GK Open h323 gk Wireless network Voice

TỪ KHÓA LIÊN QUAN