四、配置NAT: router(config)#ip nat pool NATP X.X.X.X X.X.X.X netmask 255.255.255.224 router(config)#ip nat inside source list 7 pool NATP overload router(config)#access-list 7 permit any router(config)#int fa0 router(config-if)#ip nat outside router(config-if)#int e0 router(config-if)#ip nat inside
五、配置ACL: router(config)#access-list 103 deny tcp any any eq 6667 router(config)#access-list 103 deny tcp any any eq 1434 router(config)#access-list 103 deny tcp any any eq 135 router(config)#access-list 103 deny udp any any eq 135 router(config)#access-list 103 deny udp any any eq netbios-ns router(config)#access-list 103 deny udp any any eq netbios-dgm router(config)#access-list 103 deny tcp any any eq 139 router(config)#access-list 103 deny udp any any eq netbios-ss router(config)#access-list 103 deny tcp any any eq 445 router(config)#access-list 103 deny tcp any any eq 593 router(config)#access-list 103 deny tcp any any eq 4444 router(config)#access-list 103 deny tcp any any eq 707 router(config)#access-list 103 deny 255 any any router(config)#int fa0 router(config-if)#ip access-group 103 in router(config-if)#exit