In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-03-31 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
Remote basic configuration
Root@SRX1# show | display set
Set version 12.1X44.4
Set system host-name SRX1
Set system time-zone Asia/Shanghai
Set system root-authentication encrypted-password "$1 $0m2EDDUB$hW0MnI7hQFLfmFmROx02B1"
Set system name-server 114.114.114.114
Set system services ssh
Set system services web-management http
Set system ntp server 62.201.225.9
Set interfaces ge-0/0/0 unit 0 family inet address 192.168.130.212/24
Set interfaces ge-0/0/1 unit 0 family inet address 1.1.1.254/24
Set routing-options static route 0.0.0.0/0 next-hop 192.168.130.2
Set security nat source rule-set NAT-Policy from zone trust
Set security nat source rule-set NAT-Policy to zone untrust
Set security nat source rule-set NAT-Policy rule Trust-Untrust-Interface-NAT match source-address 1.1.1.0/24
Set security nat source rule-set NAT-Policy rule Trust-Untrust-Interface-NAT then source-nat interface
Set security policies from-zone trust to-zone untrust policy Permit-ALL match source-address any
Set security policies from-zone trust to-zone untrust policy Permit-ALL match destination-address any
Set security policies from-zone trust to-zone untrust policy Permit-ALL match application any
Set security policies from-zone trust to-zone untrust policy Permit-ALL then permit
Set security zones security-zone untrust host-inbound-traffic system-services ping
Set security zones security-zone untrust host-inbound-traffic system-services ssh
Set security zones security-zone untrust host-inbound-traffic system-services http
Set security zones security-zone untrust interfaces ge-0/0/0.0
Set security zones security-zone trust host-inbound-traffic system-services ping
Set security zones security-zone trust host-inbound-traffic system-services ssh
Set security zones security-zone trust host-inbound-traffic system-services http
Set security zones security-zone trust interfaces ge-0/0/1.0
Set security nat static rule-set static-nat from zone untrust
Set security nat static rule-set static-nat rule rule1 match destination-address 192.168.130.199/32
Set security nat static rule-set static-nat rule rule1 then static-nat prefix 1.1.1.1/32
Set security nat proxy-arp interface ge-0/0/0.0 address 192.168.130.199/32
Set security zones security-zone trust address-book address test 1.1.1.1/32
Set security zones security-zone trust address-book address-set 1.1.1.1 address test
Set applications application 3389 protocol tcp
Set applications application 3389 destination-port 3389
Set applications application-set 3389-3389 application 3389
Set security policies from-zone untrust to-zone trust policy 1 match source-address any
Set security policies from-zone untrust to-zone trust policy 1 match destination-address test
Set security policies from-zone untrust to-zone trust policy 1 match application 3389-3389
Set security policies from-zone untrust to-zone trust policy 1 then permit
=
Root@SRX2 > show interfaces terse | match g to view the API configuration
Root@SRX2# show | display set to view the configuration of Set format
Root@SRX2# show | compare looks at the difference between the submitted configuration and the current running configuration
Root@SRX2 > clear system commit clears uncommitted configurations
Root@SRX2 > show system uptime View system clock
Root@SRX2# commit at "2016-09-30 13:48:00" saves the configuration at the specified time
Root@SRX2# commit comment "Only test" describes the submitted configuration
Root@SRX2 > show system commit to view the submitted configuration instructions (including the submitted configuration instructions)
Root@SRX2# rollback? View recoverable configuration
Root@SRX2# rollback 9 restores a certain configuration, which requires commit configuration to take effect.
Root@SRX2# commit confirmed confirms that the configuration command is submitted (the configuration is not confirmed within ten minutes, and the configuration is automatically restored to before submission)
Root@SRX2# commit and-quit confirms and exits
Root@SRX2# set system host-name My-SRX set hostname
Root@SRX2# set system name-server 114.114.114.114 set DNS
Root@SRX2 > show system uptime View time
Root@SRX2# set system time-zone Asia/Shanghai sets the time zone
Root@SRX2 > set date 200808080808.08 manually set time
Root@SRX2# set system ntp server 3.asia.pool.ntp.org sets NTP
Root@SRX2 > show ntp associations View NTP
Root@SRX2 > show ntp status View NTP
Root@SRX2 > request system reboot restart the system
Root@SRX2 > request system power-off shut down the system
Root@SRX2# set system root-authentication plain-text-password modifies root password
Root@SRX2# set system login user zqb class super-user authentication plain-text-password sets the remote login password
Recover root password
Loading / boot/defaults/loader.conf
/ kernel text=0x894aa0 data=0x4d050+0x100b2c syms= [0x4+0x92cf0+0x4+0xd1487]
/ boot/modules/libmbpool.ko text=0xd9c data=0x100
/ boot/modules/if_em_vjx.ko text=0xb794 data=0x5ec+0x204 /
Hit [Enter] to boot immediately, or space bar for command prompt.
=
Press the Spacebar at this time
OK boot-s
=
Enter single-user mode
System watchdog timer disabled
Enter full pathname of shell or 'recovery' for root password recovery or RETURN for / bin/sh: recovery
=
Enter password recovery mode
Starting CLI...
Root@SRX2 >
Root@SRX2# set system services ssh root-login deny forbids root login of ssh
Root@SRX2# set system services ssh enables SSH
Root@SRX2# set system services web-management http starts web management
Root@SRX2 > show version View version
Root@SRX2 > show system license to view authorization information
Root@SRX2 > request system license add terminal load authorization information (enter + Ctrl+D ends)
Root@SRX2 > show cli history View History command
Root@SRX2 > show system processes extensive to view system utilization
Root@SRX2 > restart chassis-control gracefully restart the system process
Set security zones security-zone trust address-book address 1.1.1.1 1.1.1.1/32
Set security zones security-zone trust address-book address 1.1.1.2 1.1.1.2/32
Set security zones security-zone trust address-book address-set Inside address 1.1.1.1
Set security zones security-zone trust address-book address-set Inside address 1.1.1.2
Set applications application 3389 protocol tcp
Set applications application 3389 destination-port 3389
Set applications application-set 3389-3389 application 3389
Set schedulers scheduler test-scheduler daily start-time 09:00 stop-time 18:00
Set schedulers scheduler test-scheduler sunday exclude
Set schedulers scheduler test-scheduler saturday exclude
Set schedulers scheduler one-time start-date 2016-10-18.09 00 stop-date 2016-10-18.1815
Set security policies from-zone trust to-zone untrust policy Permit-ALL scheduler-name test-scheduler
Set security nat static rule-set static-nat from zone untrust
Set security nat static rule-set static-nat rule rule1 match destination-address 192.168.130.199/32
Set security nat static rule-set static-nat rule rule1 then static-nat prefix 1.1.1.1/32
Set security nat proxy-arp interface ge-0/0/0.0 address 192.168.130.199/32
Set security zones security-zone trust address-book address test 1.1.1.1/32
Set security zones security-zone trust address-book address-set 1.1.1.1 address test
Set applications application 3389 protocol tcp
Set applications application 3389 destination-port 3389
Set applications application-set 3389-3389 application 3389
Set security policies from-zone untrust to-zone trust policy 1 match source-address any
Set security policies from-zone untrust to-zone trust policy 1 match destination-address test
Set security policies from-zone untrust to-zone trust policy 1 match application 3389-3389
Set security policies from-zone untrust to-zone trust policy 1 then permit
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 210
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.