juniper开放端口笔记

1,端口描述

[edit]

root@SRX240# edit applications 

root@SRX240# set application 13389 protocol tcp destination-port 13389 

2.

[edit]

root@SRX240# edit security nat destination 

root@SRX240# set pool zwb_13389 address 192.168.50.160/32 port 13389 

[edit security nat destination]

root@SRX240# set rule-set zwb from zone untrust6  

root@SRX240# set rule-set zwb rule zwb_13389 match source-address 0.0.0.0/0 

root@SRX240# set rule-set zwb rule zwb_13389 match destination-address 183.238.XXX.XXX/30 

root@SRX240# set rule-set zwb rule zwb_13389 match destination-port 13389                     

root@SRX240# set rule-set zwb rule zwb_13389 then destination-nat pool zwb_13389 

3

[edit]

root@SRX240# edit security zones security-zone trust 

root@SRX240# set address-book address 192.168.50.160 192.168.60.160/32 

4

[edit]

root@SRX240# edit security policies 

root@SRX240# edit from-zone untrust6 to-zone trust 

root@SRX240# set policy zwb match source-address any    

root@SRX240# set policy zwb match destination-address 192.168.50.160 

root@SRX240# set policy zwb match application 13389                         

root@SRX240# set policy zwb then permit               

root@SRX240# top

root@SRX240# commit 

commit complete