Binciken hanyoyin haɗin yanar gizo akan EDGE kama-da-wane na'ura mai ba da hanya tsakanin hanyoyin sadarwa

A wasu lokuta, matsaloli na iya tasowa yayin kafa na'ura mai ba da hanya tsakanin hanyoyin sadarwa. Misali, tura tashar jiragen ruwa (NAT) baya aiki kuma/ko akwai matsala wajen kafa dokokin Firewall da kansu. Ko kuma kawai kuna buƙatar samun rajistan ayyukan na'ura mai ba da hanya tsakanin hanyoyin sadarwa, duba aikin tashar, da gudanar da binciken cibiyar sadarwa. Mai ba da girgije Cloud4Y yayi bayanin yadda ake yin hakan.

Yin aiki tare da na'ura mai ba da hanya tsakanin hanyoyin sadarwa

Da farko, muna buƙatar saita damar yin amfani da na'ura mai ba da hanya tsakanin hanyoyin sadarwa - EDGE. Don yin wannan, muna shigar da ayyukansa kuma je zuwa shafin da ya dace - Saitunan EDGE. A can muna kunna SSH Status, saita kalmar sirri, kuma tabbatar da adana canje-canje.

Idan muka yi amfani da tsauraran ka'idojin Firewall, lokacin da aka hana komai ta tsohuwa, to muna ƙara dokoki waɗanda ke ba da damar haɗi zuwa na'ura mai ba da hanya tsakanin hanyoyin sadarwa da kanta ta hanyar tashar SSH:

Sa'an nan kuma mu haɗa tare da kowane abokin ciniki na SSH, misali PuTTY, da kuma zuwa na'ura wasan bidiyo.

A cikin na'ura wasan bidiyo, umarni sun kasance a gare mu, jerin waɗanda za a iya gani ta amfani da:
list

Waɗanne umarni ne za su iya amfani da mu? Ga jerin mafi amfani:

• nuna dubawa - zai nuna abubuwan da ke akwai da adiresoshin IP da aka shigar akan su
• nuna log - zai nuna rajistan ayyukan na'ura mai ba da hanya tsakanin hanyoyin sadarwa
• nuna log follow - zai taimaka muku kallon log in ainihin lokacin tare da sabuntawa akai-akai. Kowace doka, ta kasance NAT ko Firewall, tana da zaɓin Enable log, lokacin da aka kunna, za a yi rikodin abubuwan da suka faru a cikin log ɗin, wanda zai ba da damar bincike.
• nuna masu gudana - zai nuna duk teburin haɗin haɗin gwiwa da sigogin su
  Alal misali:1: tcp 6 21599 ESTABLISHED src=9Х.107.69.ХХХ dst=178.170.172.XXX sport=59365 dport=22 pkts=293 bytes=22496 src=178.170.172.ХХХ dst=91.107.69.173 sport=22 dport=59365 pkts=206 bytes=83569 [ASSURED] mark=0 rid=133427 use=1
• nuna mai gudana topN 10 - yana ba ku damar nuna adadin layukan da ake buƙata, a cikin wannan misalin 10
• nuna mai gudana topN 10 iri-by pkts - zai taimaka warware haɗin kai ta adadin fakiti daga ƙarami zuwa babba
• nuna mai gudana topN 10 iri-bytes - zai taimaka daidaita haɗin kai ta adadin bytes da aka canjawa wuri daga ƙarami zuwa babba
• Nuna ID ɗin ƙa'idar doka-id topN 10 - zai taimaka nuna haɗin kai ta ID ɗin doka da ake buƙata
• Nuna flowtable flowspec SPEC - don ƙarin zaɓin zaɓi na haɗin kai, inda SPEC - saita ƙa'idodin tacewa masu dacewa, misali proto = tcp: srcip = 9Х.107.69.ХХХ: wasanni = 59365, don zaɓi ta amfani da yarjejeniyar TCP da adireshin IP na tushen 9Х.107.69. XX daga tashar mai aikawa 59365
  Alal misali:> show flowtable flowspec proto=tcp:srcip=90.107.69.171:sport=59365
1: tcp 6 21599 ESTABLISHED src=9Х.107.69.XX dst=178.170.172.xxx sport=59365 dport=22 pkts=1659 bytes=135488 src=178.170.172.xxx dst=xx.107.69.xxx sport=22 dport=59365 pkts=1193 bytes=210361 [ASSURED] mark=0 rid=133427 use=1
Total flows: 1
• nuna fakitin saukad da – zai baka damar duba kididdiga akan fakiti
• nuna Firewall gudana - Yana nuna lissafin fakitin wuta tare da kwararar fakiti.

Hakanan zamu iya amfani da kayan aikin bincike na cibiyar sadarwa kai tsaye daga na'ura mai ba da hanya tsakanin hanyoyin sadarwa na EDGE:

• ping ip WORD
• ping ip WORD Girman SIZE ƙidaya COUNT nofrag - ping yana nuna girman bayanan da ake aikawa da adadin cak, sannan kuma ya hana ɓarna girman fakitin da aka saita.
• hanyar ip WORD

Jerin binciken aikin Firewall akan Edge

1. Kaddamarwa nuna Tacewar zaɓi kuma duba ƙa'idodin tacewa na al'ada da aka shigar a cikin tebur usr_rules
2. Muna kallon sarkar POSTROUTIN kuma muna sarrafa adadin fakitin da aka sauke ta amfani da filin DROP. Idan akwai matsala tare da hanyar wucewar asymmetric, za mu yi rikodin haɓakar ƙima.
   Bari mu gudanar da ƙarin bincike:
   • Ping zai yi aiki a hanya ɗaya kuma ba a cikin kishiyar shugabanci ba
   • ping zai yi aiki, amma ba za a kafa zaman TCP ba.
3. Muna duban fitar da bayanai game da adiresoshin IP - nuna ipset
4. Kunna shiga kan ka'idar Tacewar zaɓi a cikin ayyukan Edge
5. Muna kallon abubuwan da suka faru a cikin log - nuna log follow
6. Muna bincika haɗin kai ta amfani da dokar_id da ake buƙata - nuna tsarin mulki_id
7. Tare da taimakon nuna masu gudana Muna kwatanta haɗin da aka shigar a halin yanzu na shigarwar Flow na yanzu tare da iyakar da aka yarda (Jimillar Ƙarfin Gudun Gudun) a cikin tsari na yanzu. Za'a iya duba saitunan daidaitawa da iyakoki a cikin VMware NSX Edge. Idan kuna sha'awar, zan iya magana game da wannan a cikin labarin na gaba.

Me kuma za ku iya karantawa akan blog? Cloud4Y

→ Kwayoyin cuta masu jure CRISPR suna gina "matsuguni" don kare kwayoyin halitta daga enzymes masu shiga DNA
→ Ta yaya bankin ya gaza?
→ The Great Snowflake Theory
→ Intanet akan balloons
→ Pentesters a sahun gaba na tsaro ta yanar gizo

Kuyi subscribing din mu sakon waya- tashar don kada ku rasa labari na gaba! Ba mu rubuta fiye da sau biyu a mako ba kuma akan kasuwanci kawai. Muna tunatar da ku cewa masu farawa zasu iya karɓar RUB 1. daga Cloud000Y. Ana iya samun sharuɗɗa da fam ɗin neman aiki ga masu sha'awar a gidan yanar gizon mu: bit.ly/2sj6dPK

source: www.habr.com