技術情報 #1880
<pre>
ssg5-serial-> get policy
Total regular policies 30, Default deny, Software based policy search, new policy enabled.
ID From To Src-address Dst-address Service Action State ASTLCB
1 V1-Trust V1-Untr~ Any Any ANY Permit enabled -----X
130 V1-Untr~ V1-Trust client1 web1 SSH Permit enabled -----X
160 V1-Untr~ V1-Trust client1 manage_serv~ ANY Permit enabled -----X
999 V1-Untr~ V1-Trust sakurasrc-g~ Any ANY Permit enabled -----X
1000 V1-Untr~ V1-Trust Any web1 HTTP Permit enabled -----X
1002 V1-Untr~ V1-Trust Any web1 HTTP-EXT Permit enabled -----X
1001 V1-Untr~ V1-Trust client2 web1 SSH Permit enabled -----X
1003 V1-Untr~ V1-Trust client2 manage_serv~ ANY Permit enabled -----X
1004 V1-Untr~ V1-Trust client2 web2 SSH Permit enabled -----X
1005 V1-Untr~ V1-Trust client2 db2 SSH Permit enabled -----X
1006 V1-Untr~ V1-Trust ?ᄚVPS web1 SSH Permit enabled -----X
1007 V1-Untr~ V1-Trust Any web2 HTTP Permit enabled -----X
1008 V1-Untr~ V1-Trust Any db2 HTTP Permit enabled -----X
1009 V1-Untr~ V1-Trust Any web2 HTTP-EXT Permit enabled -----X
1010 V1-Untr~ V1-Trust Any web2 PING Permit enabled -----X
1011 V1-Untr~ V1-Trust Any db2 PING Permit enabled -----X
1012 V1-Untr~ V1-Trust client2 db1 SSH Permit enabled -----X
1013 V1-Untr~ V1-Trust Any db1 HTTP Permit enabled -----X
1014 V1-Untr~ V1-Trust Any db1 PING Permit enabled -----X
1015 V1-Untr~ V1-Trust Any web1 PING Permit enabled -----X
1016 V1-Untr~ V1-Trust client1 web2 SSH Permit enabled -----X
1017 V1-Untr~ V1-Trust Any web1 SMTP Permit enabled -----X
web2
1019 V1-Untr~ V1-Trust Any web1 HTTPS Permit enabled -----X
web2
1020 V1-Untr~ V1-Trust Sakura VPS2G web1 SSH Permit enabled -----X
1021 V1-Untr~ V1-Trust ?ᄚVPS web1 UDP-ANY Permit enabled -----X
1022 V1-Untr~ V1-Trust client3 web1 SSH Permit enabled -----X
1023 V1-Untr~ V1-Trust client3 web2 SSH Permit enabled -----X
1024 V1-Untr~ V1-Trust client3 manage_serv~ ANY Permit enabled -----X
1025 V1-Untr~ V1-Trust client3 db1 SSH Permit enabled -----X
1026 V1-Untr~ V1-Trust client3 db2 SSH Permit enabled -----X
</pre>
<pre>
ssg5-serial-> get address
Total 30 addresses and 1 user groups in security zone address books of vsys "Root".
addr zone name Trust
Trust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name Untrust
Untrust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name Global
Global Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
addr zone name V1-Null
V1-Null Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name V1-Trust
V1-Trust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
db1 182.48.31.135/255.255.255.255 0200 db1
db2 182.48.31.137/255.255.255.255 0200 db2
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
manage_server 182.48.31.141/255.255.255.255 0200
web1 182.48.31.134/255.255.255.255 0200 web1
web2 182.48.31.136/255.255.255.255 0200 web2
V1-Trust Group Addresses:
No groups have been defined
addr zone name V1-Untrust
V1-Untrust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
client1 112.78.112.75/255.255.255.255 0200
client2 220.97.54.22/255.255.255.255 0200 ACn[cア
client3 153.156.40.213/255.255.255.255 0200 ACn[cア?脋
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
Sakura VPS2G 219.94.235.108/255.255.255.255 0200 ??舫PS2G
sakurasrc 210.188.224.64/255.255.255.224 0200
sakurasrc1 210.188.224.128/255.255.255.240 0200
sakurasrc2 210.224.179.160/255.255.255.240 0200
sakurasrc3 61.211.224.8/255.255.255.248 0200
sakurasrc4 210.224.172.150/255.255.255.255 0200
監視用VPS 49.212.24.211/255.255.255.255 0200
V1-Untrust Group Addresses:
Group Name Count IP Comment Type
sakurasrc-grp 5 v4 User-defined
addr zone name DMZ
DMZ Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
ssg5-serial-> get address
Total 30 addresses and 1 user groups in security zone address books of vsys "Root".
addr zone name Trust
Trust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name Untrust
Untrust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name Global
Global Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
addr zone name V1-Null
V1-Null Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name V1-Trust
V1-Trust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
db1 182.48.31.135/255.255.255.255 0200 db1
db2 182.48.31.137/255.255.255.255 0200 db2
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
manage_server 182.48.31.141/255.255.255.255 0200
web1 182.48.31.134/255.255.255.255 0200 web1
web2 182.48.31.136/255.255.255.255 0200 web2
V1-Trust Group Addresses:
No groups have been defined
addr zone name V1-Untrust
V1-Untrust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
client1 112.78.112.75/255.255.255.255 0200
client2 220.97.54.22/255.255.255.255 0200 アイハーツ事務所
client3 153.156.40.213/255.255.255.255 0200 アイハーツ事務所(新)
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
Sakura VPS2G 219.94.235.108/255.255.255.255 0200 さくらVPS2G
sakurasrc 210.188.224.64/255.255.255.224 0200
sakurasrc1 210.188.224.128/255.255.255.240 0200
sakurasrc2 210.224.179.160/255.255.255.240 0200
sakurasrc3 61.211.224.8/255.255.255.248 0200
sakurasrc4 210.224.172.150/255.255.255.255 0200
監視用VPS 49.212.24.211/255.255.255.255 0200
V1-Untrust Group Addresses:
Group Name Count IP Comment Type
sakurasrc-grp 5 v4 User-defined
addr zone name DMZ
DMZ Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name V1-DMZ
V1-DMZ Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
</pre>
ssg5-serial-> get policy
Total regular policies 30, Default deny, Software based policy search, new policy enabled.
ID From To Src-address Dst-address Service Action State ASTLCB
1 V1-Trust V1-Untr~ Any Any ANY Permit enabled -----X
130 V1-Untr~ V1-Trust client1 web1 SSH Permit enabled -----X
160 V1-Untr~ V1-Trust client1 manage_serv~ ANY Permit enabled -----X
999 V1-Untr~ V1-Trust sakurasrc-g~ Any ANY Permit enabled -----X
1000 V1-Untr~ V1-Trust Any web1 HTTP Permit enabled -----X
1002 V1-Untr~ V1-Trust Any web1 HTTP-EXT Permit enabled -----X
1001 V1-Untr~ V1-Trust client2 web1 SSH Permit enabled -----X
1003 V1-Untr~ V1-Trust client2 manage_serv~ ANY Permit enabled -----X
1004 V1-Untr~ V1-Trust client2 web2 SSH Permit enabled -----X
1005 V1-Untr~ V1-Trust client2 db2 SSH Permit enabled -----X
1006 V1-Untr~ V1-Trust ?ᄚVPS web1 SSH Permit enabled -----X
1007 V1-Untr~ V1-Trust Any web2 HTTP Permit enabled -----X
1008 V1-Untr~ V1-Trust Any db2 HTTP Permit enabled -----X
1009 V1-Untr~ V1-Trust Any web2 HTTP-EXT Permit enabled -----X
1010 V1-Untr~ V1-Trust Any web2 PING Permit enabled -----X
1011 V1-Untr~ V1-Trust Any db2 PING Permit enabled -----X
1012 V1-Untr~ V1-Trust client2 db1 SSH Permit enabled -----X
1013 V1-Untr~ V1-Trust Any db1 HTTP Permit enabled -----X
1014 V1-Untr~ V1-Trust Any db1 PING Permit enabled -----X
1015 V1-Untr~ V1-Trust Any web1 PING Permit enabled -----X
1016 V1-Untr~ V1-Trust client1 web2 SSH Permit enabled -----X
1017 V1-Untr~ V1-Trust Any web1 SMTP Permit enabled -----X
web2
1019 V1-Untr~ V1-Trust Any web1 HTTPS Permit enabled -----X
web2
1020 V1-Untr~ V1-Trust Sakura VPS2G web1 SSH Permit enabled -----X
1021 V1-Untr~ V1-Trust ?ᄚVPS web1 UDP-ANY Permit enabled -----X
1022 V1-Untr~ V1-Trust client3 web1 SSH Permit enabled -----X
1023 V1-Untr~ V1-Trust client3 web2 SSH Permit enabled -----X
1024 V1-Untr~ V1-Trust client3 manage_serv~ ANY Permit enabled -----X
1025 V1-Untr~ V1-Trust client3 db1 SSH Permit enabled -----X
1026 V1-Untr~ V1-Trust client3 db2 SSH Permit enabled -----X
</pre>
<pre>
ssg5-serial-> get address
Total 30 addresses and 1 user groups in security zone address books of vsys "Root".
addr zone name Trust
Trust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name Untrust
Untrust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name Global
Global Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
addr zone name V1-Null
V1-Null Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name V1-Trust
V1-Trust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
db1 182.48.31.135/255.255.255.255 0200 db1
db2 182.48.31.137/255.255.255.255 0200 db2
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
manage_server 182.48.31.141/255.255.255.255 0200
web1 182.48.31.134/255.255.255.255 0200 web1
web2 182.48.31.136/255.255.255.255 0200 web2
V1-Trust Group Addresses:
No groups have been defined
addr zone name V1-Untrust
V1-Untrust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
client1 112.78.112.75/255.255.255.255 0200
client2 220.97.54.22/255.255.255.255 0200 ACn[cア
client3 153.156.40.213/255.255.255.255 0200 ACn[cア?脋
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
Sakura VPS2G 219.94.235.108/255.255.255.255 0200 ??舫PS2G
sakurasrc 210.188.224.64/255.255.255.224 0200
sakurasrc1 210.188.224.128/255.255.255.240 0200
sakurasrc2 210.224.179.160/255.255.255.240 0200
sakurasrc3 61.211.224.8/255.255.255.248 0200
sakurasrc4 210.224.172.150/255.255.255.255 0200
監視用VPS 49.212.24.211/255.255.255.255 0200
V1-Untrust Group Addresses:
Group Name Count IP Comment Type
sakurasrc-grp 5 v4 User-defined
addr zone name DMZ
DMZ Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
ssg5-serial-> get address
Total 30 addresses and 1 user groups in security zone address books of vsys "Root".
addr zone name Trust
Trust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name Untrust
Untrust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name Global
Global Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
addr zone name V1-Null
V1-Null Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name V1-Trust
V1-Trust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
db1 182.48.31.135/255.255.255.255 0200 db1
db2 182.48.31.137/255.255.255.255 0200 db2
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
manage_server 182.48.31.141/255.255.255.255 0200
web1 182.48.31.134/255.255.255.255 0200 web1
web2 182.48.31.136/255.255.255.255 0200 web2
V1-Trust Group Addresses:
No groups have been defined
addr zone name V1-Untrust
V1-Untrust Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
client1 112.78.112.75/255.255.255.255 0200
client2 220.97.54.22/255.255.255.255 0200 アイハーツ事務所
client3 153.156.40.213/255.255.255.255 0200 アイハーツ事務所(新)
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
Sakura VPS2G 219.94.235.108/255.255.255.255 0200 さくらVPS2G
sakurasrc 210.188.224.64/255.255.255.224 0200
sakurasrc1 210.188.224.128/255.255.255.240 0200
sakurasrc2 210.224.179.160/255.255.255.240 0200
sakurasrc3 61.211.224.8/255.255.255.248 0200
sakurasrc4 210.224.172.150/255.255.255.255 0200
監視用VPS 49.212.24.211/255.255.255.255 0200
V1-Untrust Group Addresses:
Group Name Count IP Comment Type
sakurasrc-grp 5 v4 User-defined
addr zone name DMZ
DMZ Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
addr zone name V1-DMZ
V1-DMZ Addresses:
Name Address/Mask Flag Comments
Any 0.0.0.0/0.0.0.0 0202 All Addr
Dial-Up VPN 255.255.255.255/255.255.255.255 0202 Dial-Up VPN Addr
</pre>