华为MSR 20-21 路由器配置屏蔽QQ

430阅读 0评论2012-01-10 wfeng
分类:系统运维

[H3C]disp curr
#
# Review notes: global settings as printed by `display current-configuration`.
# The version line reports a Beta build of release 5.20.
version 5.20, Beta 1203, Standard
#
sysname H3C
#
# Stored form of the password used to switch to user level 3.
# NOTE(review): "cher" appears nowhere else in this listing; the other
# credential lines use "cipher", so this looks like a transcription slip.
# Confirm against the device.
# Cipher-form strings of this software generation are widely regarded as
# reversible rather than one-way. Treat every credential printed in this
# listing as disclosed: rotate it, and redact such lines before publishing.
super password level 3 cher G/&,*9)@%QN"AOJR+IZST1!!
#
# NOTE(review): a log-file quota of 0 presumably leaves no space for on-box
# log files (confirm). If so, forward logs to a remote collector so that a
# record exists for incident review.
info-center logfile size-quota 0
#
# Enables the firewall function globally. No `firewall default` line appears
# in this listing, so packets that match no ACL rule get the platform default
# action; confirm what that is on this image.
firewall enable
#
domain default enable system
#
# DNS resolution through three configured resolvers.
dns resolve
dns server 202.96.128.166
dns server 202.96.128.86
dns server 202.96.134.133
#
# Telnet carries logins and session content unencrypted. This listing also
# permits inbound TCP telnet in ACL 3001 rule 205 (bound inbound on Dialer0)
# and sets `protocol inbound telnet` on the VTY lines, so management is
# reachable in cleartext. Prefer SSH where the image supports it, and limit
# the source addresses allowed to reach the VTY lines.
telnet server enable
#
# Dialer rule 1 permits all IP; both Dialer interfaces reference it through
# `dialer-group 1`.
dialer-rule 1 ip permit
#
vlan 1
#
# RADIUS scheme "system": authentication and accounting both point at the
# loopback address 127.0.0.1 (ports 1645 and 1646), and user names are sent
# without the domain part.
radius scheme system
server-type extended
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
#
# ISP domain "system", which `domain default enable system` makes the default.
# No authentication scheme line is shown under it, so the method actually used
# for `authentication-mode scheme` logins is the platform default (confirm).
# `idle-cut disable` means idle sessions are not cut by this domain.
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
# Traffic class "bt": matches packets identified as the bittorrent protocol.
# NOTE(review): protocol identification of this kind may not recognise
# encrypted or obfuscated peers; check the `dar protocol-statistic` counters
# on Ethernet0/0 and Ethernet0/1 before relying on it.
traffic classifier bt operator and
if-match protocol bittorrent
#
# Behaviour "64K": CAR rate limit with cir 64. Conforming (green) packets
# pass and exceeding (red) packets are discarded. The unit is presumably
# kbit/s, as the behaviour name suggests (confirm).
traffic behavior 64K
car cir 64 cbs 4000 ebs 0 green pass red discard
# NOTE(review): the next line differs from the behaviour above only in letter
# case and has no actions under it. It is probably a transcription artefact;
# confirm against the device.
traffic behavior 64k
#
# Policy "kill-bt" binds class bt to behaviour 64K. It is applied inbound and
# outbound on Ethernet0/0 and Ethernet0/1.
qos policy kill-bt
classifier bt behavior 64K
#
# Local account "0000", usable for telnet and terminal logins at level 3,
# the highest command level on this CLI.
local-user 0000
# NOTE(review): the [email=] and [/email] tags are markup injected by the blog
# software, not device output, so the string printed here is not exactly what
# the device stored. Cipher-form strings should be redacted before a
# configuration is published; rotate this credential.
password cipher [email=]'GO3ZRV/6@"\B<[;.3#T1[/email]!!!
service-type telnet terminal
level 3
#
# Basic ACL 2000: matches sources in 192.168.0.0/24 (wildcard 0.0.0.255) and
# denies every other source. It is referenced by `nat outbound 2000` on
# Dialer0 and Dialer1, so only LAN addresses are selected for translation.
acl number 2000
rule 0 permit source 192.168.0.0 0.0.0.255
rule 5 deny
#
# Advanced ACL 3001: bound inbound on Dialer0 only (`firewall packet-filter
# 3001 inbound`). Dialer1 has no packet-filter line in this listing, and
# Dialer0 is shown `shutdown`, so traffic arriving over Dialer1 is not
# filtered by this ACL.
# The ACL is a deny-list with no closing deny rule. Anything not matched falls
# through to the firewall default action, which this listing does not show.
# If that default is permit, every unlisted port is reachable from the WAN.
# NOTE(review): rules 0-29 match on destination port alone, without regard to
# connection state. Replies to outbound sessions whose translated source port
# happens to be one of these numbers (1023, 1025, 1068, ...) would presumably
# be dropped too. Confirm.
acl number 3001
rule 0 deny udp destination-port eq tftp
rule 1 deny tcp destination-port eq 135
rule 2 deny udp destination-port eq 135
rule 3 deny udp destination-port eq netbios-ns
rule 4 deny udp destination-port eq netbios-dgm
rule 5 deny tcp destination-port eq 139
rule 6 deny udp destination-port eq netbios-ssn
rule 7 deny tcp destination-port eq 445
rule 8 deny udp destination-port eq 445
rule 9 deny tcp destination-port eq 539
rule 10 deny udp destination-port eq 539
rule 11 deny udp destination-port eq 593
rule 12 deny tcp destination-port eq 593
rule 13 deny udp destination-port eq 1434
# NOTE(review): rule 14 filters UDP 1433 only; TCP 1433 is not listed in this
# ACL. Confirm that this is intended.
rule 14 deny udp destination-port eq 1433
rule 15 deny tcp destination-port eq 4444
rule 16 deny tcp destination-port eq 9996
rule 17 deny tcp destination-port eq 5554
rule 18 deny udp destination-port eq 9996
rule 19 deny udp destination-port eq 5554
rule 20 deny tcp destination-port eq 137
rule 21 deny tcp destination-port eq 138
rule 22 deny tcp destination-port eq 1025
rule 23 deny udp destination-port eq 1025
rule 24 deny tcp destination-port eq 9995
rule 25 deny udp destination-port eq 9995
rule 26 deny tcp destination-port eq 1068
rule 27 deny udp destination-port eq 1068
rule 28 deny tcp destination-port eq 1023
rule 29 deny udp destination-port eq 1023
# Drops UDP packets whose source port is bootps (DHCP server replies).
rule 141 deny udp source-port eq bootps
# ICMP: echo, echo-reply and ttl-exceeded are allowed; all other ICMP is
# denied.
rule 160 permit icmp icmp-type echo
rule 161 permit icmp icmp-type echo-reply
rule 162 permit icmp icmp-type ttl-exceeded
rule 165 deny icmp
# Inbound web, FTP and RDP (3389) are denied.
rule 200 deny tcp destination-port eq www
rule 202 deny tcp destination-port eq ftp
rule 204 deny tcp destination-port eq 3389
# Rule 205 permits TCP telnet from any source. With `telnet server enable`
# set globally, login attempts from the provider side can reach the router's
# cleartext management service. Restrict this rule to known management
# sources, or drop it and manage the device over SSH or a VPN.
rule 205 permit tcp destination-port eq telnet

# Advanced ACL 3002: the same port deny-list as ACL 3001, then a telnet
# permit, the ICMP rules, a per-host allow-list and a closing `deny ip`.
# NOTE(review): no interface, NAT or QoS line in this listing references ACL
# 3002, so as shown it has no effect. Confirm whether it is meant to be bound
# somewhere.
# Rules are printed in ascending rule-ID order. This note assumes the default
# config match order, in which the first matching rule decides.
acl number 3002
rule 0 deny udp destination-port eq tftp
rule 1 deny tcp destination-port eq 135
rule 2 deny udp destination-port eq 135
rule 3 deny udp destination-port eq netbios-ns
rule 4 deny udp destination-port eq netbios-dgm
rule 5 deny tcp destination-port eq 139
rule 6 deny udp destination-port eq netbios-ssn
rule 7 deny tcp destination-port eq 445
rule 8 deny udp destination-port eq 445
rule 9 deny tcp destination-port eq 539
rule 10 deny udp destination-port eq 539
rule 11 deny udp destination-port eq 593
rule 12 deny tcp destination-port eq 593
rule 13 deny udp destination-port eq 1434
rule 14 deny udp destination-port eq 1433
rule 15 deny tcp destination-port eq 4444
rule 16 deny tcp destination-port eq 9996
rule 17 deny tcp destination-port eq 5554
rule 18 deny udp destination-port eq 9996
rule 19 deny udp destination-port eq 5554
rule 20 deny tcp destination-port eq 137
rule 21 deny tcp destination-port eq 138
rule 22 deny tcp destination-port eq 1025
rule 23 deny udp destination-port eq 1025
rule 24 deny tcp destination-port eq 9995
rule 25 deny udp destination-port eq 9995
rule 26 deny tcp destination-port eq 1068
rule 27 deny udp destination-port eq 1068
rule 28 deny tcp destination-port eq 1023
rule 29 deny udp destination-port eq 1023
# Telnet is permitted from any source, ahead of the per-host allow-list below.
rule 30 permit tcp destination-port eq telnet
rule 141 deny udp source-port eq bootps
rule 160 permit icmp icmp-type echo
rule 161 permit icmp icmp-type echo-reply
rule 162 permit icmp icmp-type ttl-exceeded
rule 165 deny icmp
# Per-host allow-list: wildcard 0 matches exactly one address. The same 37
# addresses carry static ARP bindings later in this listing.
# A source-IP allow-list on its own does not authenticate a host; it relies
# on those ARP bindings and on hosts being unable to change their address.
rule 170 permit ip source 192.168.0.12 0
rule 177 permit ip source 192.168.0.25 0
rule 178 permit ip source 192.168.0.27 0
rule 179 permit ip source 192.168.0.54 0
rule 180 permit ip source 192.168.0.41 0
rule 181 permit ip source 192.168.0.53 0
rule 182 permit ip source 192.168.0.22 0
rule 183 permit ip source 192.168.0.34 0
rule 184 permit ip source 192.168.0.46 0
rule 185 permit ip source 192.168.0.59 0
rule 186 permit ip source 192.168.0.174 0
rule 187 permit ip source 192.168.0.153 0
rule 188 permit ip source 192.168.0.66 0
rule 189 permit ip source 192.168.0.21 0
rule 190 permit ip source 192.168.0.61 0
rule 191 permit ip source 192.168.0.24 0
rule 192 permit ip source 192.168.0.40 0
rule 193 permit ip source 192.168.0.65 0
rule 194 permit ip source 192.168.0.16 0
rule 195 permit ip source 192.168.0.51 0
rule 196 permit ip source 192.168.0.48 0
rule 197 permit ip source 192.168.0.42 0
rule 198 permit ip source 192.168.0.57 0
rule 199 permit ip source 192.168.0.110 0
rule 200 permit ip source 192.168.0.52 0
rule 201 permit ip source 192.168.0.100 0
rule 202 permit ip source 192.168.0.69 0
rule 203 permit ip source 192.168.0.60 0
rule 204 permit ip source 192.168.0.68 0
rule 205 permit ip source 192.168.0.23 0
rule 206 permit ip source 192.168.0.62 0
rule 207 permit ip source 192.168.0.82 0
rule 208 permit ip source 192.168.0.47 0
rule 209 permit ip source 192.168.0.170 0
rule 210 permit ip source 192.168.0.144 0
rule 211 permit ip source 192.168.0.143 0
rule 212 permit ip source 192.168.0.3 0
# Closing rule: everything not permitted above is denied.
rule 1000 deny ip
# Advanced ACL 3600: 34 deny rules, each matching one destination host
# (wildcard 0). It is bound inbound and outbound on Vlan-interface1, the LAN
# gateway interface. Going by the page title these are presumably the QQ
# server addresses being blocked; the listing itself does not say so.
# NOTE(review): a fixed address list blocks only what it names. It goes stale
# when the service changes or adds servers, and it does not cover access
# through other addresses or relays. Review the list periodically rather than
# treating it as a complete control.
# NOTE(review): on the outbound binding, packets leaving toward the LAN carry
# LAN hosts as destination, so these destination matches likely never hit.
# The inbound binding does the work. Confirm with the rule hit counters.
acl number 3600
rule 1 deny ip destination 219.133.40.15 0
rule 2 deny ip destination 218.17.209.23 0
rule 3 deny ip destination 202.104.129.252 0
rule 4 deny ip destination 218.18.95.153 0
rule 5 deny ip destination 202.104.129.251 0
rule 6 deny ip destination 61.144.238.145 0
rule 7 deny ip destination 202.104.129.253 0
rule 8 deny ip destination 61.141.194.203 0
rule 9 deny ip destination 202.104.129.254 0
rule 10 deny ip destination 218.18.95.165 0
rule 11 deny ip destination 61.144.238.146 0
rule 12 deny ip destination 219.133.40.91 0
rule 13 deny ip destination 211.248.99.252 0
rule 14 deny ip destination 218.17.217.66 0
rule 15 deny ip destination 61.144.238.156 0
rule 16 deny ip destination 219.133.40.89 0
rule 17 deny ip destination 219.133.40.115 0
rule 18 deny ip destination 219.133.40.90 0
rule 19 deny ip destination 219.133.40.113 0
rule 20 deny ip destination 219.133.40.114 0
rule 21 deny ip destination 210.22.12.126 0
rule 22 deny ip destination 61.141.194.223 0
rule 23 deny ip destination 61.172.249.135 0
rule 24 deny ip destination 202.104.128.233 0
rule 25 deny ip destination 202.96.170.164 0
rule 26 deny ip destination 218.17.217.103 0
rule 27 deny ip destination 218.66.59.233 0
rule 28 deny ip destination 61.141.194.207 0
rule 29 deny ip destination 202.96.170.163 0
rule 30 deny ip destination 202.96.170.166 0
rule 31 deny ip destination 202.96.140.18 0
rule 32 deny ip destination 202.96.140.119 0
rule 33 deny ip destination 202.96.140.8 0
rule 34 deny ip destination 202.96.140.12 0
#
# Auxiliary port and the two PPP dialer interfaces used for the WAN links.
interface Aux0
async mode flow
link-protocol ppp
#
# Dialer0: NAT for sources matching ACL 2000, with ACL 3001 filtering inbound
# traffic. It is tied to dialer bundle 1, which Ethernet0/0 references with
# `pppoe-client dial-bundle-number 1`.
interface Dialer0
nat outbound 2000
firewall packet-filter 3001 inbound
link-protocol ppp
# The account name was replaced with dashes by the author, but the
# cipher-form passwords were left in. The CHAP and PAP lines carry the same
# string. Treat the ISP credential as disclosed and change it.
ppp chap user ---------
ppp chap password cipher JBa(VNaE:+7Q=^Q`MAF4<1!!
# NOTE(review): the missing space after "local-user" is presumably a side
# effect of the author's redaction, not device output.
ppp pap local-user----------- password cipher JBa(VNaE:+7Q=^Q`MAF4<1!!
ppp ipcp dns admit-any
timer hold 0
# The interface is administratively down in this listing.
shutdown
ip address ppp-negotiate
tcp mss 1024
dialer user one
dialer-group 1
dialer bundle 1
dialer timer idle 0
#
# Dialer1: NAT for sources matching ACL 2000, tied to dialer bundle 2
# (Ethernet0/1).
# NOTE(review): unlike Dialer0 there is no `firewall packet-filter` line here,
# so no ACL filters traffic arriving on this link. If both links face the
# provider, bind the same inbound policy to both.
interface Dialer1
nat outbound 2000
link-protocol ppp
ppp chap user -----------
ppp chap password cipher 4P6A.RLAC1KQ=^Q`MAF4<1!!
ppp pap local-user ----------- password cipher 4P6A.RLAC1KQ=^Q`MAF4<1!!
timer hold 0
ip address ppp-negotiate
tcp mss 1024
dialer user two
dialer-group 1
dialer bundle 2
dialer timer idle 0
#            
# Ethernet0/0: routed port running the PPPoE client for dialer bundle 1
# (Dialer0). The kill-bt QoS policy is applied in both directions, and Dialer1
# is named as its standby interface.
interface Ethernet0/0
port link-mode route
pppoe-client dial-bundle-number 1
qos apply policy kill-bt inbound
qos apply policy kill-bt outbound
standby interface Dialer1
standby bandwidth 2000
dar protocol-statistic flow-interval 5
#
# Ethernet0/1: the same arrangement for dialer bundle 2 (Dialer1), with
# Dialer0 as standby.
interface Ethernet0/1
port link-mode route
pppoe-client dial-bundle-number 2
qos apply policy kill-bt inbound
qos apply policy kill-bt outbound
standby interface Dialer0
standby bandwidth 2000
dar protocol-statistic flow-interval 5
#
interface NULL0
#
# Vlan-interface1: LAN gateway 192.168.0.1/24. ACL 3600, the
# destination-host deny-list, is bound in both directions here.
# NOTE(review): ACL 3600 has no closing rule, so whether other traffic passes
# depends on the firewall default action, which this listing does not show.
interface Vlan-interface1
ip address 192.168.0.1 255.255.255.0
firewall packet-filter 3600 inbound
firewall packet-filter 3600 outbound
#
# Ethernet0/2 to Ethernet0/9: bridge-mode (switched) LAN ports. No per-port
# settings are shown beyond the link mode.
interface Ethernet0/2
port link-mode bridge
#
interface Ethernet0/3
port link-mode bridge
#
interface Ethernet0/4
port link-mode bridge
#
interface Ethernet0/5
port link-mode bridge
#
interface Ethernet0/6
port link-mode bridge
#
interface Ethernet0/7
port link-mode bridge
#
interface Ethernet0/8
port link-mode bridge
#
interface Ethernet0/9
port link-mode bridge
#
# Two default routes. The Dialer1 route carries an explicit preference of 80;
# on this platform a larger preference value is less preferred, so Dialer0 is
# the primary path when it is up.
# NOTE(review): Dialer0 is shown `shutdown` in this listing. In that state
# traffic would follow the Dialer1 route, and Dialer1 has no inbound
# packet-filter.
ip route-static 0.0.0.0 0.0.0.0 Dialer0
ip route-static 0.0.0.0 0.0.0.0 Dialer1 preference 80
#
# ARP source suppression plus 37 static IP-to-MAC bindings for LAN hosts.
# Static entries fix the router's own view of each address, so a spoofed ARP
# reply cannot redirect the gateway's traffic for these hosts. They do not
# protect the hosts' own ARP caches.
# NOTE(review): these are real hardware addresses of internal machines.
# Consider masking them when a configuration is published.
arp source-suppression enable
arp static 192.168.0.12 0013-8fab-b404
arp static 192.168.0.54 000e-a68a-9568
arp static 192.168.0.41 0011-2f0c-2719
arp static 192.168.0.22 0013-8fc1-4768
arp static 192.168.0.34 0011-d898-6ad9
arp static 192.168.0.46 000e-a68b-7f18
arp static 192.168.0.153 0011-2f04-71a4
arp static 192.168.0.66 0040-0547-0822
arp static 192.168.0.21 0000-e8a4-1a27
arp static 192.168.0.40 000e-a63c-6991
arp static 192.168.0.65 000e-a639-c159
arp static 192.168.0.51 0011-2f67-c64d
arp static 192.168.0.48 0011-d82b-4d65
arp static 192.168.0.57 0013-8fb2-a30b
arp static 192.168.0.110 0011-2feb-c14f
arp static 192.168.0.52 000e-a68a-96d3
arp static 192.168.0.100 000a-eb07-34a1
arp static 192.168.0.69 000c-7635-1f11
arp static 192.168.0.82 0005-5d73-6259
arp static 192.168.0.144 0005-5de1-c57f
arp static 192.168.0.143 0005-5d66-8e8b
arp static 192.168.0.25 0011-d82b-4d8d
arp static 192.168.0.59 000e-a617-c920
arp static 192.168.0.47 0050-ba69-7510
arp static 192.168.0.60 0005-5de1-ce2e
arp static 192.168.0.62 0005-5d04-4b51
arp static 192.168.0.68 0005-5d66-8d4f
arp static 192.168.0.16 0011-2f0f-8781
arp static 192.168.0.24 0013-8fc1-479d
arp static 192.168.0.27 000e-a69a-ac3c
arp static 192.168.0.23 0050-ba26-748b
arp static 192.168.0.170 0005-5d67-88bc
arp static 192.168.0.53 0011-d89e-6c91
arp static 192.168.0.61 5254-ab59-2d38
arp static 192.168.0.42 0013-d41c-8488
arp static 192.168.0.3 000e-7f25-a0a0
arp static 192.168.0.174 000e-a617-ab21
#
# Login lines.
# NOTE(review): no authentication-mode is shown under con 0 or aux 0, so they
# run with the platform default. Confirm that physical console access still
# requires a login.
user-interface con 0
user-interface aux 0
# VTY 0-4: logins are authenticated through the AAA scheme, and telnet is the
# only inbound protocol configured. No ACL is bound to the VTY lines in this
# listing, so any source that can reach TCP/23 gets a login prompt.
user-interface vty 0 4
authentication-mode scheme
protocol inbound telnet
#
return


