\u30a2\u30af\u30bb\u30b9\u30ea\u30b9\u30c8\u306f\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u6761\u4ef6\u306b\u3088\u3063\u3066\u5206\u985e\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u308b
\u7279\u5b9a\u306e\u30d1\u30b1\u30c3\u30c8\u30d5\u30ed\u30fc\u3092\u7279\u5b9a\u3057\u5236\u5fa1\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u6761\u4ef6\u30ea\u30b9\u30c8<\/p>\n\n\n\n
\u30d1\u30b1\u30c3\u30c8\u3092\u8b58\u5225\u3059\u308b\u969b\u306b\u9001\u4fe1\u5143\u30a2\u30af\u30bb\u30b9\u304b\u3089\u306e\u30d1\u30b1\u30c3\u30c8\u3092\u30c1\u30a7\u30c3\u30af\u3059\u308b
\u8a2d\u5b9a\u306f\u9001\u4fe1\u5143\u30a2\u30c9\u30ec\u30b9\u3068\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u3067\u3067\u304d\u308b\u3002\u7701\u7565\u3082\u53ef\u80fd<\/p>\n\n\n\n
\u305d\u3082\u305d\u3082\u30d1\u30b1\u30c3\u30c8\u306b\u306fIP\u3001TCP,UDP\u30d8\u30c3\u30c0\u304c\u3042\u308b\u3002<\/p>\n\n\n\n \u6a19\u6e96\u30a2\u30af\u30bb\u30b9\u30ea\u30b9\u30c8\u3067\u306f\u3001\u30ec\u30a4\u30e43\u306e\u9001\u4fe1\u5143IP\u30a2\u30c9\u30ec\u30b9\u306e\u307f\u30c1\u30a7\u30c3\u30af ACL\u306b\u306f\u756a\u53f7\u3092\u3064\u3051\u3066\u8b58\u5225\u3059\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u6a19\u6e96\/\u62e1\u5f35ACL\u306b\u3088\u3063\u3066\u5229\u7528\u3067\u304d\u308b\u756a\u53f7\u304c\u308f\u304b\u308c\u3066\u3044\u308b<\/p>\n\n\n\n \u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u30de\u30b9\u30af\u306f\u76f4\u524d\u306b\u8a2d\u5b9a\u3057\u305fIP\u30a2\u30c9\u30ec\u30b9\u306b\u5bfe\u3057\u3066 ACL\u306e\u6761\u4ef6\u6587\u3067IP\u30a2\u30c9\u30ec\u30b9\u3092\u6307\u5b9a\u3059\u308b\u5834\u5408\u306f\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u3092\u4f7f\u7528\u3059\u308b \u4f8b<\/p>\n\n\n\n \u306a\u304a\u3001\u7279\u5b9a\u306e\u30db\u30b9\u30c8\u30a2\u30c9\u30ec\u30b9\u3092\u6307\u5b9a\u3057\u305f\u3044\u5834\u5408\u3001host \u4f8b ACL\u3092\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u3078\u9069\u7528\u3059\u308b<\/span><\/p>\n\n\n\n ACL\u3092\u9069\u7528\u3057\u305f\u3044\u30b3\u30f3\u30d5\u30a3\u30b0\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u30e2\u30fc\u30c9\u306b\u79fb\u52d5\u3057\u3066<\/p>\n\n\n\n \u7279\u5b9a\u306e\u9001\u4fe1\u5143IP\u30a2\u30c9\u30ec\u30b9\u306e\u307f\u5bfe\u8c61\u306e\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30fc\u30b9\u306e \u4f8b\u3000192.168.0.0\/24\u304b\u3089\u304d\u305f\u30d1\u30b1\u30c3\u30c8\u3092serial 0\/0\u304b\u3089\u8ee2\u9001\u3055\u305b\u306a\u3044<\/p>\n\n\n\n deny\u3092\u3069\u306e\u9806\u756a\u3092\u7f6e\u3044\u305f\u3068\u3057\u3066\u3082 \u306a\u306e\u3067\u3001\u6761\u4ef6\u304c\u7d30\u304b\u3044\u3082\u306e\u307b\u3069\u5148\u306b\u8a18\u8ff0\u3059\u308b\u3002<\/p>\n\n\n\n \u4f8b permit 1\u30db\u30b9\u30c8\u306e\u307f \u30d7\u30ed\u30c8\u30b3\u30eb\u3000\u9001\u4fe1\u5143IP\u30a2\u30c9\u30ec\u30b9\u3000\u9001\u4fe1\u5143\u30dd\u30fc\u30c8\u3000\u5b9b\u5148IP\u30a2\u30c9\u30ec\u30b9 \u30d7\u30ed\u30c8\u30b3\u30eb\u3092\u6c7a\u3081\u305f\u5f8c\u306b\u3000\u9001\u4fe1\u5143\u306eIP\u3001\u30dd\u30fc\u30c8\u3000\u5b9b\u5148IP\u3001\u30dd\u30fc\u30c8\u3068 \u30b7\u30fc\u30b1\u30f3\u30b9\u756a\u53f7\u306f\u4f4e\u3044\u6570\u5024\u304b\u3089\u512a\u5148\u3055\u308c\u308b<\/p>\n\n\n\n \u6a19\u6e96\u30a2\u30af\u30bb\u30b9\u30ea\u30b9\u30c8 \u30a2\u30af\u30bb\u30b9\u30ea\u30b9\u30c8\u306f\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u6761\u4ef6\u306b\u3088\u3063\u3066\u5206\u985e\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u7279\u5b9a\u306e\u30d1\u30b1\u30c3\u30c8\u30d5\u30ed\u30fc\u3092\u7279\u5b9a\u3057\u5236\u5fa1\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u6761\u4ef6\u30ea\u30b9\u30c8 \u30d1\u30b1\u30c3\u30c8\u3092\u8b58\u5225\u3059\u308b\u969b\u306b\u9001\u4fe1\u5143\u30a2\u30af\u30bb\u30b9\u304b\u3089\u306e\u30d1\u30b1\u30c3\u30c8\u3092\u30c1\u30a7\u30c3\u30af\u3059\u308b\u8a2d\u5b9a\u306f\u9001\u4fe1\u5143\u30a2 ... \"\u30a2\u30af\u30bb\u30b9\u30ea\u30b9\u30c8\u306e\u57fa\u672c\"<\/span> \u3092\u7d9a\u3051\u3066\u8aad\u3080<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[18],"tags":[],"class_list":{"0":"post-724","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-ccna","7":"h-entry","8":"hentry","9":"h-as-article"},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/posts\/724","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/roroing.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=724"}],"version-history":[{"count":6,"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/posts\/724\/revisions"}],"predecessor-version":[{"id":736,"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/posts\/724\/revisions\/736"}],"wp:attachment":[{"href":"https:\/\/roroing.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=724"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/roroing.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=724"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/roroing.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=724"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\u30ec\u30a4\u30e4\uff13<\/td> \u9001\u4fe1\u5143IP\u30a2\u30c9\u30ec\u30b9\u3001\u5b9b\u5148IP\u30a2\u30c9\u30ec\u30b9\u3001\u30d7\u30ed\u30c8\u30b3\u30eb<\/td><\/tr> \u30ec\u30a4\u30e4\uff14<\/td> \u9001\u4fe1\u5143\u30dd\u30fc\u30c8\u3001\u5b9b\u5148\u30dd\u30fc\u30c8<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\u62e1\u5f35\u30a2\u30af\u30bb\u30b9\u30ea\u30b9\u30c8\u3067\u306f\u3001\u30ec\u30a4\u30e43\uff0c4\u5168\u3066\u306e\u9805\u76ee\u304c\u30c1\u30a7\u30c3\u30af\u3067\u304d\u308b\u3002<\/p>\n\n\n\n\u756a\u53f7\u4ed8\u304dACL<\/h2>\n\n\n\n
Ipv4<\/td> 1~99 1300~1999<\/td><\/tr> Ipv6<\/td> 100~199 2000~2699<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n \u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u30de\u30b9\u30af<\/h2>\n\n\n\n
\u300c\u3069\u306e\u90e8\u5206\u3092\u30c1\u30a7\u30c3\u30af\u3059\u308b\u304b\u300d\u3092\u6c7a\u3081\u308b\u3082\u306e\u3002<\/p>\n\n\n\n
\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u306f32\u30d3\u30c3\u30c8\u306e\u5024\u30678\u30d3\u30c3\u30c8\u305a\u3064\u30c9\u30c3\u30c8\u3067\u533a\u5207\u3063\u306610\u9032\u6570\u3067\u8868\u3059\u3002
0\u306f\u30c1\u30a7\u30c3\u30af\u3057\u3066\u30011\u306f\u7121\u8996\u3059\u308b<\/p>\n\n\n\n\u5168\u30d3\u30c3\u30c8\u3092\u30c1\u30a7\u30c3\u30af<\/td> 0.0.0.0<\/td><\/tr> \u5168\u30d3\u30c3\u30c8\u3092\u7121\u8996<\/td> 255.255.255.255<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\u5168\u3066\u306e\u30a2\u30c9\u30ec\u30b9\u3092\u6307\u5b9a\u3059\u308b\u5834\u5408\u3001any\u3000\u3067\u3082\u4ee3\u7528\u53ef\u80fd<\/p>\n\n\n\n
\u30a2\u30af\u30bb\u30b9\u30ea\u30b9\u30c8[1]\u3067192.168.0.1\/24\u304b\u3089\u306e\u30d1\u30b1\u30c3\u30c8\u3092\u8a31\u53ef\u3057\u305f\u5834\u5408<\/p>\n\n\n\n(config)access-list 1 permit 192.168.0.1 0.0.0.255\r\n\r<\/code><\/pre>\n\n\n\nACL\u3092\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u3078\u9069\u7528\u3059\u308b<\/h2>\n\n\n\n
(config-if)#ip access-group <acl-number> {in | out}<\/code><\/pre>\n\n\n\n
\u304b\u3089\u8ee2\u9001\u3067\u304d\u306a\u3044\u3088\u3046\u306b\u3059\u308b<\/p>\n\n\n\n(config)#access-list <acl-number> deny 192.168.0.0 0.0.0.255\n(config)#access-list <acl-number> permit 0.0.0.0 255.255.255.255\n(config)#interface serial 0\/0\n(config-if)#ip access-group <acl-number> out \n<\/code><\/pre>\n\n\n\npermit\u3068deny\u306e\u9806\u756a<\/h2>\n\n\n\n
permit\u304cdeny\u3088\u308a\u5148\u306b\u30de\u30c3\u30c1\u3057\u3066\u3057\u307e\u3046\u3068\u305d\u3053\u3067\u6761\u4ef6\u304c\u7d42\u4e86\u3057\u3066
deny\u3092\u7121\u8996\u3057\u3066\u30d1\u30b1\u30c3\u30c8\u304c\u901a\u904e\u3057\u3066\u3057\u307e\u3046\u3002<\/p>\n\n\n\n
deny
deny
permit\u3000\u3053\u3053\u3067\u3000\u901a\u904e\u3059\u308b\u3002<\/p>\n\n\n\n
permit 1\u30db\u30b9\u30c8\u306e\u307f
deny\u3000\u4e0a\u8a18\u306e\u5408\u8a082\u30db\u30b9\u30c8\u306b\u30de\u30c3\u30c1\u3057\u306a\u304b\u3063\u305f\u3089\u62d2\u5426
permit any acl\u306b\u306f\u6697\u9ed9\u306edeny\u304c\u3042\u308b\u305f\u3081\u6b8b\u308a\u5168\u3066\u8a31\u53ef\u3092\u7f6e\u304f<\/p>\n\n\n\n\u756a\u53f7\u4ed8\u304d\u62e1\u5f35\u30a2\u30af\u30bb\u30b9\u30ea\u30b9\u30c8\u306e\u6761\u4ef6\u9806\u756a<\/h2>\n\n\n\n
\u5b9b\u5148\u30dd\u30fc\u30c8<\/p>\n\n\n\n
\u899a\u3048\u305f\u3089\u3088\u3044<\/p>\n\n\n\n(config)#access-list <acl-number> {permit | deny} <protocol> <sr> <wrc> <port>\n <sr> <wrc><port> \n\n\u4f8b 192.168.100.64\/24\u304b\u3089\u306e\u30b5\u30fc\u30d0172.16.24.100\u306eSSH\u63a5\u7d9a\u306e\u307f\u62d2\u5426\u3059\u308b\u5834\u5408<\/code><\/pre>\n\n\n\n(config)#access-list 100 deny tcp 192.168.100.64 0.0.0.255 host 172.16.24.100 eq 22\n(config)#access-list 100 permit ip any any\n(config)line vty 0 4 (\u30eb\u30fc\u30bf\u306e\u30ea\u30e2\u30fc\u30c8\u30a2\u30af\u30bb\u30b9\u7528\u306e\u4eee\u60f3\u30dd\u30fc\u30c8\u306b\u79fb\u52d5\uff09\n(config-line)#access-class 100 in\u3000\uff08access-class\u306b\u5909\u308f\u308b\u304b\u3089\u8981\u6ce8\u610f\uff09<\/code><\/pre>\n\n\n\n\u62e1\u5f35ACL\u306e\u30b3\u30f3\u30d5\u30a3\u30b0\u30ec\u30fc\u30b7\u30e7\u30f3\u30e2\u30fc\u30c9\u306b\u79fb\u52d5\u3057\u3066\u8a2d\u5b9a\u3059\u308b<\/h2>\n\n\n\n
(config)#ip access-list extended TEST\n<\/code><\/pre>\n\n\n\n(config-ext-nacl)#5 permit ip ~~~\n\n(config)#show access-lists\n5 permit ip ~~~\n10 deny ~~~\n20 deny ~~~<\/code><\/pre>\n\n\n\nACL\u306e\u78ba\u8a8d\u30b3\u30de\u30f3\u30c9<\/h2>\n\n\n\n
#show access-lists \u5168\u3066\u306eIP\u30ea\u30b9\u30c8\u3092\u8868\u793a\n#show ip access-lists <acl-numbers>\u3000\u7279\u5b9a\u306eACL\u306e\u307f\n#show ip access-lists\u3000\u3059\u3079\u3066\u306eIPv4\u306eACL\u3092\u8868\u793a<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"