- Planet WAN Router User's Manual
66
ip route 0.0.0.0 0.0.0.0 10.0.0.1
ip inspect audit-trail
ip inspect max-incomplete low 100
ip inspect max-incomplete high 120
ip inspect one-minute low 100
ip inspect one-minute high 120
ip inspect tcp synwait-time 50
ip inspect name test http
ip inspect name test ftp
ip inspect name test udp
ip inspect name test tcp
ip inspect name test smtp
ip inspect name test fragment maximum 100
!
access-list 100 permit tcp host 192.168.99.61 host 192.168.98.62
access-list 100 deny tcp any any
access-list 100 deny udp any any
access-list 100 permit ip any any
!
end
router#
router# show ip inspect sessions
CBAC built 2 sessions:
dns: 192.168.98.62(1034)=>168.95.1.1(53) state:UDP_CLIENT_SYN (0X40227)
dns: 192.168.98.62(1034)=>139.175.55.244(53) state:UDP_CLIENT_SYN (0X40228)
CBAC built 1 sessions:
dns: 192.168.98.62(1034)=>168.95.1.1(53) state:UDP_CLIENT_SYN (0X40229)
router#
router# debug ip inspect tcp
router# terminal monitor
25:54.237 CBAC: RCV TCP packet 192.168.98.62:1412=>192.168.99.61:21
fastethern
25:54.237 et0/0
25:54.263 CBAC: RCV TCP packet 192.168.99.61:21=>192.168.98.62:1412 serial0/0
25:54.265 CBAC: RCV TCP packet 192.168.98.62:1412=>192.168.99.61:21
fastethern
25:54.265 et0/0