扩展访问控制列表的两个高级选项-Mysql Tutorial-php.cn

Home

Database

Mysql Tutorial

扩展访问控制列表的两个高级选项

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 07, 2016 pm 03:06 PM

list Expand control Overview discuss access Options advanced

1. 概述: 本文讨论以下两个问题：理解和使用扩展访问控制列表的fragment 选项；理解和使用扩展访问控制列表的established 选项。 2.使用fragment 选项： (1) 当一个ACL只含有三层信息时，对所有的包都进行控制。 (2) 当不使用frament 选项

1. 概述:

本文讨论以下两个问题：

理解和使用扩展访问控制列表的fragment选项；

理解和使用扩展访问控制列表的established选项。

2.使用fragment选项：

(1) 当一个ACL只含有三层信息时，对所有的包都进行控制。

(2) 当不使用frament选项时,一个包含三层和四层信息的acl条目将对所有的数据包进行以下控制:

如果是未分片数据包(nonfragmented)或者分片数据包的第一个分片(initial fragment) ,都将按正常的ACL进行控制（permit或deny）。

如果是分片数据包的后续分片（noninitial fragment），则只检查ACL条目中的三层部分（协议号、源、目的）。如果三层匹配而且是permit控制，则允许该分片通过；如果三层匹配而且是deny控制，则继续检查下一个ACL条目（和正常的ACL控制顺序不同）。

（3）当使用fragment选项时,一个acl条目将只对分片数据包的后续分片（noninitial fragment）进行控制；并且ACL条目中不能包含四层信息。

access-list 101 permit fragment

3．使用established选项的ACL条目：

access-list 101 permit tcp established

该选项只能用于tcp协议，目的是为了实现基于tcp数据段（四层pdu）中的代码控制位的标志进行会话的控制，例如只允许那些已经建立的tcp会话的流量（特征是ACK或者RST标志已置位）。

例如：假定上图中要实现以下控制，只允许Net A的所有主机初始化到Net B的TCP通信，但是不允许NetB的主机初始化到Net A的TCP通信，可以使用以下ACL实现。

hostname R1

interface ethernet0

ip access-group 102 in

access-list 102 permit tcp any any gt 1023 established

4．小结

只有很好地理解tcp/ip协议各层数据单元的格式和内容，才能够正确使用ACL的各种高级选项功能。

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

Repo: How To Revive Teammates

1 months ago By 尊渡假赌尊渡假赌尊渡假赌

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)

2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Hello Kitty Island Adventure: How To Get Giant Seeds

1 months ago By 尊渡假赌尊渡假赌尊渡假赌

How Long Does It Take To Beat Split Fiction?

4 weeks ago By DDD

R.E.P.O. Save File Location: Where Is It & How to Protect It?

4 weeks ago By DDD

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

7369

Java Tutorial

1628

CakePHP Tutorial

1354

Laravel Tutorial

1266

PHP Tutorial

1214

Related knowledge

How to count the number of elements in a list using Python's count() function Nov 18, 2023 pm 02:53 PM

How to use Python's count() function to calculate the number of an element in a list requires specific code examples. As a powerful and easy-to-learn programming language, Python provides many built-in functions to handle different data structures. One of them is the count() function, which can be used to count the number of elements in a list. In this article, we will explain how to use the count() function in detail and provide specific code examples. The count() function is a built-in function of Python, used to calculate a certain

How to use Baidu advanced search Feb 22, 2024 am 11:09 AM

How to use Baidu Advanced Search Baidu search engine is currently one of the most commonly used search engines in China. It provides a wealth of search functions, one of which is advanced search. Advanced search can help users search for the information they need more accurately and improve search efficiency. So, how to use Baidu advanced search? The first step is to open the Baidu search engine homepage. First, we need to open Baidu’s official website, which is www.baidu.com. This is the entrance to Baidu search. In the second step, click the Advanced Search button. On the right side of the Baidu search box, there is

How to create a grocery list: Use the Reminders app for iPhone Dec 01, 2023 pm 03:37 PM

In iOS 17, Apple added a handy little list feature to the Reminders app to help you when you're out shopping for groceries. Read on to learn how to use it and shorten your trip to the store. When you create a list using the new "Grocery" list type (named "Shopping" outside the US), you can enter a variety of food and groceries and have them automatically organized by category. This organization makes it easier to find what you need at the grocery store or while out shopping. Category types available in alerts include Produce, Bread & Cereals, Frozen Foods, Snacks & Candy, Meat, Dairy, Eggs & Cheese, Baked Goods, Baked Goods, Household Products, Personal Care & Wellness, and Wine, Beer & Spirits . The following is created in iOS17

How to open Internet options in Edge browser Jan 03, 2024 pm 12:49 PM

Friends who use IE browser will definitely use Internet options to set it up, but they can’t be found on edge browser, so how to open it? In fact, you only need to open the IE browser in the edge browser to set it up. Where are the internet options of the edge browser: 1. Enter the edge browser and click the three dots in the upper right corner. 2. Select "More Tools" in the taskbar. 3. Select "Open with Internet Explorer" in the new interface. 4. Click "Gear Settings" in the upper right corner of the new browser. 5. You can find "Internet Options" in the taskbar. 6. Click to enter settings.

Extensions and third-party modules for PHP functions Apr 13, 2024 pm 02:12 PM

To extend PHP function functionality, you can use extensions and third-party modules. Extensions provide additional functions and classes that can be installed and enabled through the pecl package manager. Third-party modules provide specific functionality and can be installed through the Composer package manager. Practical examples include using extensions to parse complex JSON data and using modules to validate data.

How to install mbstring extension under CENTOS7? Jan 06, 2024 pm 09:59 PM

1.UncaughtError:Calltoundefinedfunctionmb_strlen(); When the above error occurs, it means that we have not installed the mbstring extension; 2. Enter the PHP installation directory cd/temp001/php-7.1.0/ext/mbstring 3. Start phpize(/usr/local/bin /phpize or /usr/local/php7-abel001/bin/phpize) command to install php extension 4../configure--with-php-config=/usr/local/php7-abel

How to solve the problem of inaccessibility after Tomcat deploys war package Jan 13, 2024 pm 12:07 PM

How to solve the problem that Tomcat cannot successfully access the war package after deploying it requires specific code examples. As a widely used Java Web server, Tomcat allows developers to package their own developed Web applications into war files for deployment. However, sometimes we may encounter the problem of being unable to successfully access the war package after deploying it. This may be caused by incorrect configuration or other reasons. In this article, we'll provide some concrete code examples that address this dilemma. 1. Check Tomcat service

How to reset only C drive on Windows 11 Nov 18, 2023 pm 11:22 PM

If you have a problem with your Windows 11 computer, the best fix is to reset it, and in the latest version, Windows allows you to reset only the C drive, leaving the other drives unchanged. In this guide, we'll discuss three simple ways to reset your PC and make it work properly without deleting data on other drives. How to reset only C drive in Windows 11? Before proceeding with the steps to reset C drive on Windows 11, make sure you check the following: If you want to choose the cloud download option, make sure you have an active internet connection or switch to an Ethernet cable. Make sure to back up or move important data from your system drive. Check that the system drive has sufficient disk space. 1.Use

See all articles