h3c交换机上如何限制危险端口

acl number 3100

rule 5 deny udp destination-port eq 21
rule 6 deny udp destination-port eq dns

rule 7 deny udp destination-port eq bootps

rule 8 deny udp destination-port eq bootpc

rule 9 deny udp destination-port eq netbios-ns

rule 10 deny udp destination-port eq netbios-dgm

rule 11 deny udp destination-port eq netbios-ssn

rule 12 deny udp destination-port eq 445

rule 13 deny udp destination-port eq 5353

rule 14 deny udp destination-port eq 5355

rule 15 deny udp destination-port eq ftp

rule 16 deny udp destination-port eq domain

rule 17 deny udp destination-port eq 67

rule 18 deny udp destination-port eq 68

rule 19 deny udp destination-port eq 135

rule 20 deny udp destination-port eq 137

rule 21 deny udp destination-port eq 138

rule 22 deny udp destination-port eq 139

rule 23 deny udp destination-port eq www

rule 255 permit ip

interface GigabitEthernet1/0/20
port access vlan 20
packet-filter  3100 inbound