ZTE C320

[BARVIT]

Подскажите, как отключть NetBIOS на данной голове если это возможно? 

И та же история в длинках, как зарубить этот протокол чтоб юзера друг друга в сетевом окружении не видели?

Відредаговано 9 грудня, 2014 BARVIT

[Учумелые ручки]

Подскажите, как отключть NetBIOS на данной голове если это возможно? 

И та же история в длинках, как зарубить этот протокол чтоб юзера друг друга в сетевом окружении не видели?

 

Имхо курить мануал насчет ACL

Configuring Standard ACL

Short Description Perform this procedure to configure standard ACL and apply it to

port.

Prerequisites � Make sure that the network device works normally.

� Log in to the ZXA10 through HyperTerminal or Telnet.

Context In a standard ACL, rules are defined on the basis of source IP

address only.

To configure the standard ACL, perform the following steps:

Steps 1. Use the configure terminal command to enter global configuration

mode.

2. Use the time-range command to configure ACL time range.

3. Use the acl standard command to configure standard ACL.

The standard ACL number range: 1 – 99.

4. Use the rule command to configure ACL rule.

Note:

� Each standard ACL supports maximum 127 rules.

� The time range must be configured before it is applied in a

rule. If time-range is not configured, the rule always takes

effect.

5. Use the interface command to enter interface configuration

mode.

6. Use the ip access-group command to apply ACL to port.

END OF STEPS

Example Configure a standard ACL on uplink port 0/14/1.

� Time range: 9:00 - 17:00, working day.

� Deny packets from source IP address: 168.1.1.1 0.0.0.255.

ZXAN#configure terminal

Enter configuration commands, one per line. End with CTRL/Z.

ZXAN(config)#time-range worktime 09:00:00 to 17:00:00 working-day

ZXAN(config)#acl standard number 3

ZXAN(config-std-acl)#rule 1 deny 168.1.1.1 0.0.0.255 time-range worktime

ZXAN(config-std-acl)#rule 2 permit any

ZXAN(config-std-acl)#exit

ZXAN(config)#interface gei_0/14/1

ZXAN(config-if)#ip access-group 3 in

Configuring Extended ACL

Short Description Perform this procedure to configure extended ACL and apply it to

port.

Prerequisites � Make sure that the network device works normally.

� Log in to the ZXA10 through HyperTerminal or Telnet.

Context In an extended ACL, rules are defined on the basis of the following:

� Source IP address

� Destination IP address

� IP protocol type

� Source TCP port number

� Destination TCP port number

� Source UDP port number

Destination UDP port number

� ICMP types

� DSCP

� ICMP code

� ToS precedence

To configure the extended ACL, perform the following steps:

Steps 1. Use the configure terminal command to enter global configuration

mode.

2. Use the time-range command to configure ACL time range.

3. Use the acl extended command to configure extended ACL.

Note:

The extended ACL number range: 100 – 199.

4. Use the rule command to configure ACL rule.

Note:

� Each extended ACL supports maximum 127 rules.

� The time range must be configured before it is applied in a

rule. If time-range is not configured, the rule always takes

effect.

5. Use the interface command to enter interface configuration

mode.

6. Use the ip access-group command to apply ACL to port.

END OF STEPS

Example Configure an extended ACL on uplink port 0/14/1:

Deny TCP packets from source IP address 168.1.1.1 0.0.0.255 and

source port 23 (Telnet).

ZXAN#configure terminal

Enter configuration commands, one per line. End with CTRL/Z.

ZXAN(config)#acl extend number 101

ZXAN(config-ext-acl)#rule 1 deny tcp 192.168.1.0 0.0.0.255 eq telnet any

ZXAN(config-ext-acl)#rule 2 permit any

ZXAN(config-ext-acl)#exit

XAN(config)#interface gei_0/14/1

ZXAN(config-if)#ip access-group 101 in

 

Насчет блокирования 137, 138, 139 порта ...

 

Ну или "заворачивать" каждого абона в отдельный Vlan, что ИМХО - правильней будет

 

ЗЫ: Это если я вообще правильно понял постановку вопроса ...