第 13 章 Netflow

第 13 章 Netflow
上一页	部分 II. Cisco IOS	下一页

13.1. Firewall
13.2. Router
13.3. Switch
13.4. Netflow 实例

2911 路由器上 ip route-cache flow 等效 ip flow ingress

ip flow egress

13.1. Firewall

ASA (config)# flow-export destination inside 192.168.100.1 2055
ASA (config)# flow template timeout-rate 1
ASA (config)# access-list flow_export_acl permit ip host 10.1.1.1 host 10.2.2.2
ASA (config)# class-map flow_export_class
ASA (config-cmap)# match access-list flow_export_acl
ASA (config)# policy-map flow_export_policy
ASA (config-pmap)# class flow_export_class
ASA (config-pmap-c)# flow-export event-type flow-creation destination 192.168.100.1

flow-export destination inside 172.16.1.2 2055
flow template timeout-rate 1
access-list flow_export_acl permit ip host 172.16.1.254 host 172.16.1.2
class-map flow_export_class
match access-list flow_export_acl
policy-map flow_export_policy
class flow_export_class
flow-export event-type flow-creation destination 172.16.1.2


flow-export destination inside 172.16.1.2 2055
access-list flow_export_acl permit ip any any
class-map flow_export_class
match access-list flow_export_acl
policy-map flow_export_policy
class flow_export_class
flow-export event-type all destination 172.16.1.2

上一页	上一级	下一页
12.5. Example	起始页	13.2. Router