防火墙维护手册

2.7.4. 查看防火墙安全区域

SA-2001# show zone Total zone count: 8

====================================================================== Name Type VR/Vswitch If-count ----------------------------------------------------------------------

trust L3 trust-vr 1 untrust L3 trust-vr 1 dmz L3 trust-vr 0 l2-trust L2 vswitch1 0 l2-untrust L2 vswitch1 0 l2-dmz L2 vswitch1 0 VPNHub L3 trust-vr 0 HA L3 trust-vr 0

======================================================================

2.7.5. 查看防火墙路由表

SA-2001# show ip route

Codes: K - kernel route, C - connected, S - static, I - ISP, R - RIP, O - OSPF,

B - BGP, D - DHCP, P - PPPoE, H - HOST, G - SCVPN, V - VPN, M - IMPORT, > - selected route, * - FIB route

Routing Table for Virtual Router

====================================================================== S 0.0.0.0/0 [1/0/1] via 192.168.1.254 inactive

C>* 192.168.10.0/24 is directly connected, ethernet0/0 H>* 192.168.10.1/32 [0/0/1] is local address, ethernet0/0

2.7.6. 查看防火墙安全策略

SA-2001# show policy Total rules count: 2

S: Rule Status (E - Enabled; D - Disabled) Flag: * - Need Application Identification

S - Log Session Start; E - Log Session End; D - Log Policy Deny)

trust => trust: Total rules 1. Default DENY. Default log OFF

====================================================================== S Id RBNS_Attr Source Destination Service Action Flag --------------------------------------------------------------------------------