juniper禁止内网访问某些网站
2011-10-22 16:00
330 查看
定义禁止访问的元素
set security zones security-zone untrust address-book address yuku-web dns-name www.youku.com
set security zones security-zone untrust address-book address sina-web dns-name www.sina.com.cn
set security zones security-zone untrust address-book address tudou-web dns-name www.tudou.com
set security zones security-zone untrust address-book address v-sohu dns-name v.sohu.com
set security zones security-zone untrust address-book address ku6-web dns-name www.ku6.com
将这些元素加入某个组:
set security zones security-zone untrust address-book address-set block-web address yuku-web
set security zones security-zone untrust address-book address-set block-web address v-sohu
set security zones security-zone untrust address-book address-set block-web address tudou-web
set security zones security-zone untrust address-book address-set block-web address ku6-web
策略:
set security policies from-zone trust to-zone untrust policy block-web match source-address any
set security policies from-zone trust to-zone untrust policy block-web match destination-address block-web
set security policies from-zone trust to-zone untrust policy block-web match application any
set security policies from-zone trust to-zone untrust policy block-web then deny
set security zones security-zone untrust address-book address yuku-web dns-name www.youku.com
set security zones security-zone untrust address-book address sina-web dns-name www.sina.com.cn
set security zones security-zone untrust address-book address tudou-web dns-name www.tudou.com
set security zones security-zone untrust address-book address v-sohu dns-name v.sohu.com
set security zones security-zone untrust address-book address ku6-web dns-name www.ku6.com
将这些元素加入某个组:
set security zones security-zone untrust address-book address-set block-web address yuku-web
set security zones security-zone untrust address-book address-set block-web address v-sohu
set security zones security-zone untrust address-book address-set block-web address tudou-web
set security zones security-zone untrust address-book address-set block-web address ku6-web
策略:
set security policies from-zone trust to-zone untrust policy block-web match source-address any
set security policies from-zone trust to-zone untrust policy block-web match destination-address block-web
set security policies from-zone trust to-zone untrust policy block-web match application any
set security policies from-zone trust to-zone untrust policy block-web then deny
相关文章推荐
- 如何通过设定禁止访问某些特定网站
- 禁止某些IP访问您的网站
- panabit常用的内网访问控制(BOSS:上班时间禁止访问某网站!)
- 在本地电脑上禁止访问某些网站。
- 如何禁止访问某些网站?
- 网站禁止某些IP访问
- 公司内网不能访问某Internet网站
- 花生壳如何设置,如何发布网站及外网访问内网
- 怎样禁止自己的网站在访问某目录时直接列出网站目录
- 如何通过外网访问内网的网站?
- 花生壳使用教程,动态IP无公网IP时发布网站访问内网
- 防止恶意解析——禁止通过IP直接访问网站
- 防恶意解析,禁止用IP访问网站的Apache设置
- 局域网中客户机不能访问某些网站的问题报告
- juniper ssg550m 内网通过公网地址访问dmz主机(nat回流)
- 禁止IP访问网站的方法及工具
- 花生壳内网发布外网可以访问的网站
- 如何解决访问某些网站会跳出对话框标题为:address Book Viewer ,提示:"无法连接制定的目录服务.服务也许暂时不可用,或服务器名称不正确。"
- 【Vegas原创】HTTP无法访问内网网站的解决方法