linbronhom
2006-09-25, 12:37 PM
一個月前在中國大陸,這買了一台D-LINK 500的陽春型ROUTER,之前一直都沒問題,直到上週,ROUTER 的DATA的燈號,一直閃,即使電腦關掉也是;連線速也非常不穩定,我原本懷疑,是不是被DDOS攻擊,想要修改ROUTER 的設定,進去看一堆參數,也不知如何著手,請教各位先賢,指教..
以下是我從網路上找到的資料,但是 沒法用
資安論壇:
http://forum.icst.org.tw/phpBB2/viewtopic.php?p=1844&sid=8a94f7820211c3fc251482919c6847d2&PHPSESSID=4d67266a360fe4383f67d58f2f22d416
1.我目前在使用的中國電訊的網路,2M/256
2.我把D-LINK 500 當ADSL MODEM 在用
3.沒有其它的中繼設備
另外,我原本設置,如下
主机名: V4.3.03.01 运行状态: Showtime/Data
硬件版本: 810020 上次状态: 0x0
软件版本: VIK-2.1.050224f DSL版本: Y.1.28.141
序列号: 123456789abcdx 标准: Multimode
模式: Routing And Bridging 上行 下行
速率 延迟 速率 延迟
384 Kbps Interleaved 2048 Kbps Interleaved
广域网接口
接口 封装 IP地址 子网掩码 网关 底层接口 VPI/VCI 状态
eoa-0 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-0 0/200 正常
eoa-1 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-1 0/35 正常
eoa-2 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-2 0/100 正常
eoa-3 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-3 1/33 正常
eoa-4 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-4 8/35 正常
eoa-5 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-5 8/81 正常
ipoa-0 Routed 192.168.2.1 255.255.255.0 0.0.0.0 aal5-6 1/39 正常
局域网接口
接口 Mac地址 IP地址 子网掩码 底层接口 速率 双工 状态
eth-0 00:11:95:13:13:A2 192.168.1.1 255.255.255.0 - 100BT Full 正常
桥接配置:
Bridging: Enable
WAN to WAN Bridging: Disable
ZIPB: Disable
BRAS: Disable
系统模式: Routing And Bridging
得到LAN地址的方式: Manual
Lan配置:
实际LAN的IP地址: 192.168.1.1
实际LAN的子网掩码: 255.255.255.0
局域网IP地址: 192.168.1.1
局域网子网掩码: 255.255.255.0
速率: 100BT
双工: Full
IGMP: Disable
MTU: 1500
ATM VC 设置:
aal5-7 0 16 - 0 Any None
aal5-1 0 35 LLC 2 Any bridging
aal5-2 0 100 LLC 2 Any bridging
aal5-0 0 200 LLC 2 Any bridging
aal5-3 1 33 LLC 2 Any bridging
aal5-6 1 39 LLC 2 Any ipoanon1577(static)
aal5-4 8 35 LLC 2 Any bridging
aal5-5 8 81 LLC 2 Any bridging
DSL 状态:
计数器 近端 远端
交织 快速 交织 快速
FEC: 0 0 0 0
CRC: 2 0 0 0
NCD: 0 0 0 0
OCD: 0 0 - -
HEC: 0 0 0 0
SEF: 0 0
LOS: 0 0
失败 近端 远端
NCD: 0 0
SEF: 0 0
LOS: 0 0
LCD: 0 0
IP 过滤设置
本页用于查看和修改 IP Filter Global and规则设置.
安全等级: High 公共缺省动作: Accept
私有缺省动作: Accept DMZ 缺省动作: Accept
规则 ID 接口 状态 方向 行为规则 In I/F 日志选项 规则描述 运行状态 操作
1010 ALL Disable Incoming Deny N/A Disable -
1020 ALL Disable Incoming Deny N/A Disable 1.Dest IP equal to 255.255.255.255
1030 Private Enable Incoming Accept N/A Disable -
1040 Private Enable Outgoing Accept ALL Disable -
1050 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq UDP
2.Dest Port equal to 53
1060 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 53
1070 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 25
1080 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 110
1090 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 21
1100 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 80
1110 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1120 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq ICMP
1130 DMZ Disable Outgoing Deny Private Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1140 DMZ Disable Outgoing Deny Public Disable 1.Protocol eq UDP
2.Dest Port equal to 53
1150 DMZ Disable Outgoing Deny Public Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 53
1160 DMZ Disable Outgoing Deny Public Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 21
1170 DMZ Disable Outgoing Deny Public Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1180 DMZ Disable Outgoing Deny Public Disable 1.Protocol eq ICMP
1190 Public Disable Outgoing Deny ALL Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1200 Public Enable Outgoing Accept ALL Disable -
1210 Public Disable Incoming Deny N/A Disable -
1220 Public Disable Incoming Deny N/A Disable 1.Dest IP equal to 255.255.255.255
1230 Public Disable Incoming Deny N/A Disable 1.Protocol eq UDP
2.Dest Port equal to 7
1240 Public Disable Incoming Deny N/A Disable 1.Protocol eq UDP
2.Dest Port equal to 9
1250 Public Disable Incoming Deny N/A Disable 1.Protocol eq UDP
2.Dest Port equal to 19
1260 Public Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 80
1270 Public Disable Incoming Deny N/A Disable 1.Protocol eq UDP
2.Dest Port equal to 53
1280 Public Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 53
1290 Public Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 21
1300 Public Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1310 Public Disable Incoming Deny N/A Disable 1.Protocol eq ICMP
1320 Public Enable Incoming Accept N/A Disable 1.Protocol eq UDP
2.Dest Port equal to 53
1330 Public Enable Incoming Accept N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 53
1340 Public Disable Incoming Deny N/A Disable -
1350 Public Disable Incoming Deny N/A Disable -
1360 DMZ Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 80
1370 DMZ Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 21
1380 DMZ Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1390 DMZ Enable Incoming Accept N/A Disable -
這個問題已經困擾 2週了,是否要換一台才可以正常使用..
贊助商連結
以下是我從網路上找到的資料,但是 沒法用
資安論壇:
http://forum.icst.org.tw/phpBB2/viewtopic.php?p=1844&sid=8a94f7820211c3fc251482919c6847d2&PHPSESSID=4d67266a360fe4383f67d58f2f22d416
1.我目前在使用的中國電訊的網路,2M/256
2.我把D-LINK 500 當ADSL MODEM 在用
3.沒有其它的中繼設備
另外,我原本設置,如下
主机名: V4.3.03.01 运行状态: Showtime/Data
硬件版本: 810020 上次状态: 0x0
软件版本: VIK-2.1.050224f DSL版本: Y.1.28.141
序列号: 123456789abcdx 标准: Multimode
模式: Routing And Bridging 上行 下行
速率 延迟 速率 延迟
384 Kbps Interleaved 2048 Kbps Interleaved
广域网接口
接口 封装 IP地址 子网掩码 网关 底层接口 VPI/VCI 状态
eoa-0 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-0 0/200 正常
eoa-1 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-1 0/35 正常
eoa-2 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-2 0/100 正常
eoa-3 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-3 1/33 正常
eoa-4 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-4 8/35 正常
eoa-5 Bridged 0.0.0.0 0.0.0.0 0.0.0.0 aal5-5 8/81 正常
ipoa-0 Routed 192.168.2.1 255.255.255.0 0.0.0.0 aal5-6 1/39 正常
局域网接口
接口 Mac地址 IP地址 子网掩码 底层接口 速率 双工 状态
eth-0 00:11:95:13:13:A2 192.168.1.1 255.255.255.0 - 100BT Full 正常
桥接配置:
Bridging: Enable
WAN to WAN Bridging: Disable
ZIPB: Disable
BRAS: Disable
系统模式: Routing And Bridging
得到LAN地址的方式: Manual
Lan配置:
实际LAN的IP地址: 192.168.1.1
实际LAN的子网掩码: 255.255.255.0
局域网IP地址: 192.168.1.1
局域网子网掩码: 255.255.255.0
速率: 100BT
双工: Full
IGMP: Disable
MTU: 1500
ATM VC 设置:
aal5-7 0 16 - 0 Any None
aal5-1 0 35 LLC 2 Any bridging
aal5-2 0 100 LLC 2 Any bridging
aal5-0 0 200 LLC 2 Any bridging
aal5-3 1 33 LLC 2 Any bridging
aal5-6 1 39 LLC 2 Any ipoanon1577(static)
aal5-4 8 35 LLC 2 Any bridging
aal5-5 8 81 LLC 2 Any bridging
DSL 状态:
计数器 近端 远端
交织 快速 交织 快速
FEC: 0 0 0 0
CRC: 2 0 0 0
NCD: 0 0 0 0
OCD: 0 0 - -
HEC: 0 0 0 0
SEF: 0 0
LOS: 0 0
失败 近端 远端
NCD: 0 0
SEF: 0 0
LOS: 0 0
LCD: 0 0
IP 过滤设置
本页用于查看和修改 IP Filter Global and规则设置.
安全等级: High 公共缺省动作: Accept
私有缺省动作: Accept DMZ 缺省动作: Accept
规则 ID 接口 状态 方向 行为规则 In I/F 日志选项 规则描述 运行状态 操作
1010 ALL Disable Incoming Deny N/A Disable -
1020 ALL Disable Incoming Deny N/A Disable 1.Dest IP equal to 255.255.255.255
1030 Private Enable Incoming Accept N/A Disable -
1040 Private Enable Outgoing Accept ALL Disable -
1050 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq UDP
2.Dest Port equal to 53
1060 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 53
1070 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 25
1080 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 110
1090 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 21
1100 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 80
1110 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1120 Private Enable Outgoing Accept DMZ Disable 1.Protocol eq ICMP
1130 DMZ Disable Outgoing Deny Private Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1140 DMZ Disable Outgoing Deny Public Disable 1.Protocol eq UDP
2.Dest Port equal to 53
1150 DMZ Disable Outgoing Deny Public Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 53
1160 DMZ Disable Outgoing Deny Public Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 21
1170 DMZ Disable Outgoing Deny Public Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1180 DMZ Disable Outgoing Deny Public Disable 1.Protocol eq ICMP
1190 Public Disable Outgoing Deny ALL Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1200 Public Enable Outgoing Accept ALL Disable -
1210 Public Disable Incoming Deny N/A Disable -
1220 Public Disable Incoming Deny N/A Disable 1.Dest IP equal to 255.255.255.255
1230 Public Disable Incoming Deny N/A Disable 1.Protocol eq UDP
2.Dest Port equal to 7
1240 Public Disable Incoming Deny N/A Disable 1.Protocol eq UDP
2.Dest Port equal to 9
1250 Public Disable Incoming Deny N/A Disable 1.Protocol eq UDP
2.Dest Port equal to 19
1260 Public Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 80
1270 Public Disable Incoming Deny N/A Disable 1.Protocol eq UDP
2.Dest Port equal to 53
1280 Public Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 53
1290 Public Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 21
1300 Public Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1310 Public Disable Incoming Deny N/A Disable 1.Protocol eq ICMP
1320 Public Enable Incoming Accept N/A Disable 1.Protocol eq UDP
2.Dest Port equal to 53
1330 Public Enable Incoming Accept N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 53
1340 Public Disable Incoming Deny N/A Disable -
1350 Public Disable Incoming Deny N/A Disable -
1360 DMZ Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 80
1370 DMZ Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 21
1380 DMZ Disable Incoming Deny N/A Disable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 23
1390 DMZ Enable Incoming Accept N/A Disable -
這個問題已經困擾 2週了,是否要換一台才可以正常使用..
贊助商連結