Help needed: 1760?

Now create configuration...
Current configuration
!
   version 1.74
   local-user jfkj service-type administrator password cipher 7SaU6^ECDXL#.Z
BM/%CA!!
   sysname jfkj
   nat aging-time tcp 60
   firewall enable
   aaa-enable
   aaa accounting-scheme optional
!
acl 1 match-order auto
   rule normal permit source 192.168.0.0 0.0.0.255
   rule normal deny source any
!
acl 101 match-order auto
   rule normal deny tcp source any destination any destination-port equal 135
   rule normal deny tcp source any destination any destination-port equal 138
   rule normal deny tcp source any destination any destination-port equal 139
   rule normal deny tcp source any destination any destination-port equal 4444
   rule normal deny tcp source any destination any destination-port equal 136
   rule normal deny tcp source any destination any destination-port equal 445
   rule normal deny tcp source any destination any destination-port equal 2745
   rule normal deny tcp source any destination any destination-port equal 1025
   rule normal deny tcp source any destination any destination-port equal 3127
   rule normal deny tcp source any destination any destination-port equal 6129
   rule normal deny tcp source any destination any destination-port equal 5000
   rule normal deny tcp source any destination any destination-port equal 1433
   rule normal deny tcp source any destination any destination-port equal 9996
   rule normal deny udp source any destination any destination-port equal 135
   rule normal deny udp source any destination any destination-port equal 445
   rule normal deny udp source any destination any destination-port equal 593
   rule normal deny udp source any destination any destination-port equal tftp
!
interface Aux0
   async mode flow
   link-protocol ppp
!
interface Ethernet0
   tcp mss 1400
   ip address 192.168.0.250 255.255.255.0
   firewall packet-filter 101 inbound
!
interface Ethernet1
   tcp mss 1400
   ip address x.x.x.x 255.255.255.0
   nat outbound 1 interface
   firewall packet-filter 106 inbound
!
interface Serial0
   link-protocol ppp
!
quit
ip route-static 0.0.0.0 0.0.0.0 x.x.x.x preference 60
!
return

The connection keeps dropping.
dis info log

%2004/08/20 14:52:01-INTERFACE-6:
Interface Ethernet1 is UP
%2004/08/20 14:52:01-INTERFACE-6:
Line protocol ip on the interface Ethernet1 is UP
%2004/08/20 15:38:16-FIREWALL-5: System may be under attack.
In one minute, there are 598 InBound packets filtered,and 31 are rejected by acl, 0 rejected by default!
%2004/08/20 15:38:16-FIREWALL-6:
!!! System may be under attack.
    In one minute, there are 598 InBound packets filtered, and 31 are rejected by acl, 0 rejected by default!
%2004/08/20 15:44:16-TELNET-6:
TELNET: A user from 192.168.0.178 login, waiting authentication
%2004/08/20 15:44:34-TELNET-6:
TELNET: A user [huawei] from 192.168.0.178 logout
%2004/08/20 15:45:16-FIREWALL-5: System may be under attack.
In one minute, there are 511 InBound packets filtered,and 31 are rejected by acl, 0 rejected by default!
%2004/08/20 15:45:16-FIREWALL-6:
!!! System may be under attack.
    In one minute, there are 511 InBound packets filtered, and 31 are rejected by acl, 0 rejected by default!




Could some expert please take a look?

TOP

Why is nobody replying?
Bumping my own thread...

TOP

Boss 小蜜, are you around?
I'm requesting backup here!

TOP

interface Ethernet1
   tcp mss 1400
   ip address x.x.x.x 255.255.255.0
   nat outbound 1 interface
   firewall packet-filter 106 inbound
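Which list is that? You only have ACLs 1 and 101.
Judging from the log, the connection isn't dropping either; it's just that the firewall filtering is taking effect.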

TOP
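The check made in the reply above (an interface applies ACL 106, but only ACLs 1 and 101 are defined), as an added example that is not part of the original thread. The function name `audit_acl_references` is hypothetical, and the parser assumes only the statement forms visible in the posted configuration.

```python
import re

# Abbreviated copy of the configuration posted in this thread
# (the public address is left out, as it was redacted by the poster).
CONFIG = """\
acl 1 match-order auto
   rule normal permit source 192.168.0.0 0.0.0.255
   rule normal deny source any
!
acl 101 match-order auto
   rule normal deny tcp source any destination any destination-port equal 135
!
interface Ethernet0
   ip address 192.168.0.250 255.255.255.0
   firewall packet-filter 101 inbound
!
interface Ethernet1
   nat outbound 1 interface
   firewall packet-filter 106 inbound
!
"""

ACL_DEF = re.compile(r"^acl\s+(\d+)\b")
IFACE = re.compile(r"^interface\s+(\S+)")
# Statements on the page that refer to an ACL by number.
ACL_REF = re.compile(r"^(?:firewall packet-filter|nat outbound)\s+(\d+)\b")

def audit_acl_references(config):
    """Return (dangling, unused): references to undefined ACLs,
    and defined ACLs that nothing references."""
    defined, refs, iface = set(), [], None
    for raw in config.splitlines():
        line = raw.strip()
        if (m := ACL_DEF.match(line)):
            defined.add(int(m.group(1)))
        elif (m := IFACE.match(line)):
            iface = m.group(1)
        elif line == "!":
            iface = None  # "!" closes the current section
        elif (m := ACL_REF.match(line)):
            refs.append((iface, int(m.group(1)), line))
    dangling = [r for r in refs if r[1] not in defined]
    unused = sorted(defined - {r[1] for r in refs})
    return dangling, unused

if __name__ == "__main__":
    dangling, unused = audit_acl_references(CONFIG)
    for iface, num, line in dangling:
        print(f"{iface}: '{line}' refers to ACL {num}, which is not defined")
    print("defined but unreferenced ACLs:", unused)
```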

acl 106 match-order auto
   rule normal deny tcp source any destination any destination-port equal www



Sorry, I didn't paste all of it.

TOP

!!! System may be under attack.
    In one minute, there are 1350 InBound packets filtered, and 31 are rejected by acl, 0 rejected by default!
%2004/08/20 20:55:11-FIREWALL-5: System may be under attack.
In one minute, there are 541 InBound packets filtered,and 33 are rejected by acl, 0 rejected by default!
%2004/08/20 20:55:12-FIREWALL-6:
!!! System may be under attack.
    In one minute, there are 541 InBound packets filtered, and 33 are rejected by acl, 0 rejected by default!
%2004/08/20 20:59:32-FIREWALL-5: System may be under attack.
In one minute, there are 1275 InBound packets filtered,and 34 are rejected by acl, 0 rejected by default!
%2004/08/20 20:59:32-FIREWALL-6:
!!! System may be under attack.
    In one minute, there are 1275 InBound packets filtered, and 34 are rejected by acl, 0 rejected by default!
%2004/08/20 21:02:12-FIREWALL-5: System may be under attack.
In one minute, there are 865 InBound packets filtered,and 32 are rejected by acl, 0 rejected by default!
%2004/08/20 21:02:12-FIREWALL-6:
!!! System may be under attack.
    In one minute, there are 865 InBound packets filtered, and 32 are rejected by acl, 0 rejected by default!
----- More (Press CTRL_C to break) ------
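Whenever that packet count goes above 1000,
the network gets slow, and if it goes any higher the connection drops.
CPU utilization isn't high, 9%.
Why is this happening?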

TOP
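To line the slow periods up against the per-minute counters in these alarms, the wrapped log lines have to be rejoined before the numbers can be read. This is an added example, not part of the original thread: the sample is built from alarm lines quoted in the posts (with the terminal line-wrap kept), and the function names and the 1000-packet threshold taken from the post above are assumptions.

```python
import re

# Constructed sample: alarm text as quoted in this thread, wrapped at the
# terminal width so that one message spans several lines.
LOG = """\
%2004/08/20 15:38:16-FIREWALL-5: System may be under attack.
In one minute, there are 598 InBound packets filtered,and 31 are rejected by acl
, 0 rejected by default!
%2004/08/20 15:44:16-TELNET-6:
TELNET: A user from 192.168.0.178 login, waiting authentication
%2004/08/20 20:59:32-FIREWALL-5: System may be under attack.
In one minute, there are 1275 InBound packets filtered,and 34 are rejected by ac
l, 0 rejected by default!
%2004/08/20 21:02:12-FIREWALL-5: System may be under attack.
In one minute, there are 865 InBound packets filtered,and 32 are rejected by acl
, 0 rejected by default!
"""

HEADER = re.compile(r"^%(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2})-([A-Z]+)-(\d):\s*(.*)$")
ALARM = re.compile(r"there are (\d+) InBound packets filtered,\s*and (\d+) are "
                   r"rejected by acl,\s*(\d+) rejected by default")

def parse_alarms(log):
    """Rejoin wrapped lines into records, then extract the firewall counters."""
    records = []
    for line in log.splitlines():
        m = HEADER.match(line)
        if m:                      # a "%date time-MODULE-level:" line starts a record
            records.append([m.group(1), m.group(2), m.group(4)])
        elif records:              # anything else continues the previous record
            records[-1][2] += line
    alarms = []
    for ts, module, body in records:
        a = ALARM.search(body)
        if module == "FIREWALL" and a:
            filtered, by_acl, by_default = map(int, a.groups())
            alarms.append({"time": ts, "filtered": filtered,
                           "acl_rejects": by_acl, "default_rejects": by_default})
    return alarms

def busy_minutes(alarms, threshold=1000):
    """Timestamps of alarms whose per-minute filtered count exceeds the threshold."""
    return [a["time"] for a in alarms if a["filtered"] > threshold]

if __name__ == "__main__":
    for a in parse_alarms(LOG):
        share = a["acl_rejects"] / a["filtered"]
        print(f'{a["time"]}  filtered={a["filtered"]:5d}  acl_rejects={a["acl_rejects"]} ({share:.1%})')
    print("minutes above threshold:", busy_minutes(parse_alarms(LOG)))
```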

System may be under attack
This means you may be under attack.
Post the relevant DEBUG FIREWALL information so everyone can look into it.

TOP

Firewall is enable, default filtering method is 'permit'.
TimeRange packet-filtering disable.
InBound : 148 packets, 7885 bytes, 0% permitted,
           4755 packets, 1092411 bytes, 1% denied,
           355834 packets, 16620458 bytes, 98% permitted defaultly,
           0 packets, 0 bytes, 0% denied defaultly;
     From 12:09:32 to 12:09:49
           58 packets, 3098 bytes, permitted,
           2 packets, 462 bytes, denied,
           367 packets, 17654 bytes, permitted defaultly,
           0 packets, 0 bytes, denied defaultly;
OutBound: 0 packets, 0 bytes, 0% permitted,
           0 packets, 0 bytes, 0% denied,
           347748 packets, 19290473 bytes, 100% permitted defaultly,
           0 packets, 0 bytes, 0% denied defaultly.
     From 12:09:32 to 12:09:49
           0 packets, 0 bytes, permitted,
           0 packets, 0 bytes, denied,
           392 packets, 21381 bytes, permitted defaultly,
           0 packets, 0 bytes, denied defaultly;

TOP

Bump...
  I suggest updating the system and then trying again.

TOP
