Ä¿Ç°£¬Í¨¹ýVPNÀ´ÊµÏÖÔ¶³Ì°ì¹«ÊDZȽϳ£¼ûµÄ·½·¨¡£¸Ã·½·¨µÄ²»×ãÖ®´¦Ö÷ÒªÓÐÁ½µã£ºµÚÒ»£¬ÈôÒª±£Ö¤VPNÓû§Ëæʱ·ÃÎÊÄÚÍø£¬ÄÚÍøµÄ¼ÆËã»ú±ØÐ볤ʱ¼ä±£³Ö¿ª»ú״̬£¬Ôì³É´óÁ¿×ÊÔ´µÄÀË·Ñ£»µÚ¶þ£¬Óû§Á¬ÈëVPNÖ®ºó£¬Ö»ÄÜ°ÑÔ¶³Ì¼ÆËã»úµ±³ÉÍøÂçÁÚ¾ÓÖеÄÒ»Ô±À´»¥´«×ÊÁÏ¡£ ¡¡¡¡ÀûÓÃLinuxʵÏÖÔ¶³Ì°ì¹«¿ÉÒÔÃÖ²¹VPN·½Ê½µÄÒÔÉÏÁ½µã²»×㣺¿ÉÒÔʵÏÖ°´Ð迪»ú£»¿ÉÒÔÖ±½Ó¿ØÖƺͼà²âÔ¶³Ì¼ÆËã»ú£¬ÒÔ¼°Ô¶³Ì¼ÆËã»úµÄ×ÀÃæ¡£´Ë·½·¨ÖÐLinux·þÎñÆ÷±ØÐëÊÇÁ¬½ÓÔÚ¹«ÍøÉϵÄһ̨»úÆ÷£¬Ëü¡°°çÑÝ¡±ÁËÍø¹ØºÍ·À»ðǽµÄ½ÇÉ«£¬²¢ÇÒ¸ºÔð»½ÐÑÄÚÍøµÄ¼ÆËã»ú¡£... more

NAT·þÎñÆ÷Óë·À»ðǽ? dz̸IP? NATÔ­Àí¼°Ö÷Òª¹¦ÄÜ? NAT·þÎñÆ÷µÄ°²×°ÓëʹÓÃ? iptablesÔÚ·À»ðǽÉϵÄÔËÓÃ? ʵÀýÁ·Ï°? ·À»ðǽµÄ¼òµ¥ÉèÖÃ? iptables ÉèÖÃÎļþ²Î¿¼·¶ÀýSquid ·þÎñÆ÷ÓÐ×Å¿ìËÙ¶ÁÈ¡¹¦ÄÜ£¬¼õÉÙÁË¿Í»§¶ËÖ±½ÓÁ¬½ÓInternetµÄ»ú»á£¬²»×㣬ÕâÔÚÄ¿Ç°ÒÔIPv 4ΪÖ÷Á÷µÄÍøÂç»·¾³ÖУ¬µÄÈ·À§ÈÅ×ÅÐí¶àϵͳ¼°ÍøÂçÉè¼ÆÈËÔ±¡£Òò´Ë±¾Õ½«Ê¹ÓÃNATµÄ·½Ê½À´ÌṩÕâÒ»ÎÊÌâµÄ½â¾ö·½°¸¡£³ý´ËÖ®Í⣬ÀûÓÃNAT¸ÅÄîµÄÀ©Õ¹£¬ÎÒÃÇÒ²½«½éÉÜ·À»ðǽµÄ»ù±¾¸ÅÄîÒÔ¼°Ëü¶ÔÆóÒµÍøÂ簲ȫÐ... more

µÚ 1 Â¥£ºNetscreen·À»ðǽ¼òµ¥ÅäÖÃʵÀý¶ÔÕÕÁ½¸öÎĵµ£¬¿ÉÒÔʵÏÖ¼òµ¥ÅäÖÃnetscreen·À»ðǽ¡£Netscreen-100·À»ðǽµÄ»ù±¾ÅäÖÃÁ÷³ÌNetScreenϵÁвúÆ·£¬ÊÇÓ¦Ó÷dz£¹ã·ºµÄNATÉ豸¡£NetScreen£­100¾ÍÊÇÆäÖеÄÒ»ÖÖ¡£NetScreen-100ÊǸö³¤·½ÐεĺÚÏ»×Ó£¬ÆäÕýÃæÃæ°åÉÏÓÐËĸö½Ó¿Ú¡£×ó±ßÒ»¸öÊÇDB25´®¿Ú£¬ÓÒ±ßÈý¸öÊÇÒÔÌ«ÍøÍø¿Ú£¬´Ó×óÏòÓÒÒÀ´ÎΪTrust Interface¡¢DMZ Interface¡¢Untrust Interface¡£ÆäÖÐTrust InterfaceÏ൱ÓÚHUB¿Ú£¬ÏÂÐÐÁ¬½ÓÄÚ²¿ÍøÂçÉ豸¡£Untrust InterfaceÏ൱ÓÚÖ÷»ú¿Ú£¬ÉÏÐÐÁ... more

·À»ðǽ»ù±¾ÀàÐÍ¡¢¸ÅÄîÒÔ¼°¸÷Àà·À»ðǽµÄÖ÷ÒªÓÅȱµãdeveloperWorks¼¶±ð: ³õ¼¶¹¬Ò»Ãù, ÖйúµçÐÅÍøÂ簲ȫС×éºËÐijÉÔ±±¾ÎĽ«·ÖΪÁ½²¿·Ö£¬µÚÒ»²¿·Ö½«½éÉÜ·À»ðǽ»ù±¾ÀàÐͺ͸ÅÄÒÔ¼°Ã¿Àà·À»ðǽµÄÖ÷ÒªÓÅȱµã£¬È»ºóÊÇÑ¡¹ºÅäÖ÷À»ðǽµÄʱºòһЩÎóÇø£»µÚ¶þ²¿·Ö½«½áºÏµÚÒ»²¿·ÖÄÚÈݽéÉÜunixϵķÀ»ðǽÈí¼þipfilter£¬°üÀ¨¸ÃÈí¼þµÄ½éÉÜ¡¢°²×°¡¢¾ßÌåÓ¦Óõȡ£Ê²Ã´ÊÇ·À»ðǽ¶ÔÓÚÆóÒµµÄÍøÂç¶øÑÔ£¬Î´¼ÓÌرð°²È«±£»¤¶ø·ÅÖÃÔÚinternetÉÏ£¬Î£ÏÕÐÔÊÇÏÔ¶øÒ×¼ûµÄ¡£Ëæמö²ß²ã¶Ô°²È«ÈÏʶµÄÖð²½... more

×÷ÕߣºLinux/Free Software ¶ÀÁ¢¼¼Êõ¹ËÎʱ¾ÎĽéÉÜ Linux µÄ·À»ðǽ¼¼Êõ netfilter/iptables ÔÚ Linux ÄÚºËÖеľßÌåʵÏÖ¡£netfilter ºÍ Linux ·À»ðǽ½éÉÜLinux µÄ·À»ðǽ¼¼Êõ¾­ÀúÁËÈô¸É´úµÄÑظһ²½²½µÄ·¢Õ¹¶øÀ´¡£×ʼµÄ ipfwadm ÊÇ Alan Cox ÔÚ Linux kernel ·¢Õ¹µÄ³õÆÚ£¬´Ó FreeBSD µÄÄں˴úÂëÖÐÒÆÖ²¹ýÀ´µÄ¡£ºóÀ´¾­ÀúÁË ipchains£¬ÔÙ¾­ÓÉ Paul Russell ÔÚ Linux kernel 2.3 ϵÁеĿª·¢¹ý³ÌÖз¢Õ¹ÁË netfilter Õâ¸ö¼Ü¹¹¡£¶øÓû§¿Õ¼äµÄ·À»ðǽ¹ÜÀí¹¤¾ß£¬Ò²ÏàÓ¦µÄ·¢Õ¹Îª iptables¡£netfilter/... more

LinuxµÄ·À»ðǽÅäÖã¡£ºRedHat Linux ΪÔö¼Óϵͳ°²È«ÐÔÌṩÁË·À»ðǽ±£»¤¡£·À»ðǽ´æÔÚÓÚÄãµÄ¼ÆËã»úºÍÍøÂçÖ®¼ä£¬ÓÃÀ´Åж¨ÍøÂçÖеÄÔ¶³ÌÓû§ÓÐȨ·ÃÎÊÄãµÄ¼ÆËã»úÉϵÄÄÄЩ×ÊÔ´¡£Ò»¸öÕýÈ·ÅäÖõķÀ»ðǽ¿ÉÒÔ¼«´óµØÔö¼ÓÄãµÄϵͳ°²È«ÐÔ¡£¡¡¡¡ ... more

  ÔÚÅäÖÃPIX·À»ðǽ֮ǰ£¬ÏÈÀ´½éÉÜһϷÀ»ðǽµÄÎïÀíÌØÐÔ¡£·À»ðǽͨ³£¾ßÓÐÖÁÉÙ3¸ö½Ó¿Ú£¬µ«Ðí¶àÔçÆڵķÀ»ðǽֻ¾ßÓÐ2¸ö½Ó¿Ú£»µ±Ê¹ÓþßÓÐ3¸ö½Ó¿ÚµÄ·À»ðǽʱ£¬¾ÍÖÁÉÙ²úÉúÁË3¸öÍøÂ磬ÃèÊöÈçÏ£ºÄÚ²¿ÇøÓò£¨ÄÚÍø£©£ºÄÚ²¿ÇøÓòͨ³£¾ÍÊÇÖ¸ÆóÒµÄÚ²¿ÍøÂç»òÕßÊÇÆóÒµÄÚ²¿ÍøÂçµÄÒ»²¿·Ö¡£ËüÊÇ»¥Á¬ÍøÂçµÄÐÅÈÎÇøÓò£¬¼´Êܵ½ÁË·À»ðǽµÄ±£»¤¡£ ÍⲿÇøÓò£¨ÍâÍø£©£ºÍⲿÇøÓòͨ³£Ö¸Internet»òÕß·ÇÆóÒµÄÚ²¿ÍøÂç¡£ËüÊÇ»¥Á¬ÍøÂçÖв»±»ÐÅÈεÄÇøÓò£¬µ±ÍⲿÇøÓòÏëÒª·ÃÎÊÄÚ²¿ÇøÓòµÄÖ÷»úºÍ·þÎñ£¬Í¨¹ý·À... more

  Àý1. Pix525(config)#conduit permit tcp host 192.168.0.8 eq www any Õâ¸öÀý×Ó±íʾÔÊÐíÈκÎÍⲿÖ÷»ú¶ÔÈ«¾ÖµØÖ·192.168.0.8µÄÕą̂Ö÷»ú½øÐÐhttp·ÃÎÊ¡£ÆäÖÐʹÓÃeqºÍÒ»¸ö¶Ë¿ÚÀ´ÔÊÐí»ò¾Ü¾ø¶ÔÕâ¸ö¶Ë¿ÚµÄ·ÃÎÊ¡£Eq ftp ¾ÍÊÇÖ¸ÔÊÐí»ò¾Ü¾øÖ»¶ÔftpµÄ·ÃÎÊ¡£ Àý2. Pix525(config)#conduit deny tcp any eq ftp host 61.144.51.89 ±íʾ²»ÔÊÐíÍⲿÖ÷»ú61.144.51.89¶ÔÈκÎÈ«¾ÖµØÖ·½øÐÐftp·ÃÎÊ¡£ Àý3. Pix525(config)#conduit permit icmp any any ... more

. Ö¸¶¨Òª½øÐÐת»»µÄÄÚ²¿µØÖ·£¨nat£© ÍøÂçµØÖ··­Ò루nat£©×÷ÓÃÊǽ«ÄÚÍøµÄ˽ÓÐipת»»ÎªÍâÍøµÄ¹«ÓÐip.NatÃüÁî×ÜÊÇÓëglobalÃüÁîÒ»ÆðʹÓã¬ÕâÊÇÒòΪnatÃüÁî¿ÉÒÔÖ¸¶¨Ò»Ì¨Ö÷»ú»òÒ»¶Î·¶Î§µÄÖ÷»ú·ÃÎÊÍâÍø£¬·ÃÎÊÍâÍøʱÐèÒªÀûÓÃglobalËùÖ¸¶¨µÄµØÖ·³Ø½øÐжÔÍâ·ÃÎÊ¡£ natÃüÁîÅäÖÃÓï·¨£ºnat (if_name) nat_id local_ip [netmark] ÆäÖУ¨if_name£©±íʾÄÚÍø½Ó¿ÚÃû×Ö£¬ÀýÈçinside¡£Nat_idÓÃÀ´±êʶȫ¾ÖµØÖ·³Ø£¬Ê¹ËüÓëÆäÏàÓ¦µÄglobalÃüÁîÏàÆ¥Å䣬local_ip±íʾÄÚÍø±»·ÖÅäµÄipµØÖ·¡£ÀýÈç0.0.0.0±íʾÄÚÍøËùÓÐÖ÷... more

  ÎÊÌ⣺  ÉèÖ÷À»ðǽvpnºÍ·þÎñÆ÷£¬DMZÇø·þÎñÆ÷·¢²¼µÄÎÊÌâ,´Ó»¥ÁªÍø·ÃÎÊinside»òdmzµÄ·þÎñÆ÷¶¼ºÜÕý³££¬´Óinside¿ÉÒÔÉÏ»¥ÁªÍø£¬µ«¾ÍÊDz»ÄÜͨ¹ý»¥ÁªÍøÓòÃû·ÃÎÊinsideºÍdmzµÄ·þÎñÆ÷¡£ ½éÉÜ ±¾Îĵµ²ûÊöliasÔÚCisco PIX·À»ðǽÖеÄÓ÷¨. AliasµÄÁ½¸ö¹¦ÄÜ:ÀûÓÃDNS DoctoringÐÞÕýÍⲿDNS·þÎñÆ÷»Ø¸´o ÀûÓÃDNS Doctoring,PIX ½«"¸Ä±ä" ÍⲿDNSÏìÓ¦µÄµØÖ·µ½ÁíÒ»¸öIP£¬Õâ¸öµØÖ·²»Í¬ÓÚDNS·þÎñÆ÷ÉÏÕæʵÌṩµÄÓòÃû-IP¼Ç¼¡£o ´Ë¹¦ÄÜʵÏÖ´ÓÄÚ²... more