Производительность cisco

Building configuration... 
 
Current configuration : 29276 bytes 
! 
! Last configuration change at 09:52:53 PCTime Tue Apr 30 2013 by newadmin 
! 
version 15.0 
no service pad 
service tcp-keepalives-in 
service tcp-keepalives-out 
service timestamps debug datetime msec localtime show-timezone 
service timestamps log datetime msec localtime show-timezone 
service password-encryption 
service sequence-numbers 
! 
hostname Cisco 
! 
boot-start-marker 
boot-end-marker 
! 
security authentication failure rate 3 log 
security passwords min-length 6 
logging buffered 51200 
logging console critical 
enable secret 5 $1$KNe6$71R8ILxVSZyE.ByqnFszP/ 
! 
aaa new-model 
! 
! 
aaa authentication login default local 
! 
! 
! 
! 
! 
aaa session-id common 
! 
! 
! 
memory-size iomem 10 
clock timezone PCTime 4 
regexp optimize 
! 
no ip source-route 
! 
ip cef 
no ip bootp server 
ip domain name nprogs.com 
ip name-server 208.67.222.222 
ip name-server 8.8.8.8 
no ipv6 cef 
! 
! 
multilink bundle-name authenticated 
 
parameter-map type urlfpolicy local URLFilter 
  alert off 
  block-page message "Sorry bro, access to this page is closed!" 
parameter-map type urlf-glob Oracle 
  pattern ekiga.net 
  pattern *.ekiga.net 
  pattern voipbuster.com 
  pattern *.voipbuster.com 
  pattern w3schools.com 
  pattern *.w3schools.com 
  pattern stackoverflow.com 
  pattern *.stackoverflow.com 
  pattern *oracle* 
  pattern error-codes.info 
  pattern *.error-codes.info 
  pattern javascript.ru 
  pattern *.javascript.ru 
  pattern demoaut.com 
  pattern *.demoaut.com 
  pattern software-testing.ru 
  pattern *.software-testing.ru 
 
parameter-map type urlf-glob Google 
  pattern *google* 
 
parameter-map type urlf-glob DeniedSites 
  pattern * 
 
parameter-map type urlf-glob Trust 
  pattern trust.ru 
  pattern *.trust.ru 
 
parameter-map type urlf-glob Tsconsulting 
  pattern tsconsulting.ru 
  pattern *.tsconsulting.ru 
 
parameter-map type urlf-glob Microsoft 
  pattern *microsoft* 
 
parameter-map type urlf-glob Yandex 
  pattern *yandex* 
  pattern ya.ru 
  pattern *.ya.ru 
 
parameter-map type urlf-glob Siebel 
  pattern *siebel* 
 
parameter-map type urlf-glob Linux 
  pattern *linux* 
 
parameter-map type urlf-glob Cisco 
  pattern *cisco* 
 
parameter-map type urlf-glob Intuit 
  pattern intuit.ru 
  pattern *.intuit.ru 
 
parameter-map type urlf-glob SQL 
  pattern sql.ru 
  pattern *.sql.ru 
 
parameter-map type urlf-glob Technoserv 
  pattern 194.154.81.246 
  pattern eventum.siblion.ru 
  pattern technoserv.ru 
  pattern *.technoserv.ru 
  pattern russianhelicopters.aero 
  pattern *.russianhelicopters.aero 
 
parameter-map type urlf-glob Tcsbank 
  pattern tcsbank.ru 
  pattern *.tcsbank.ru 
  pattern 91.194.227.4 
 
parameter-map type urlf-glob HF 
  pattern hflabs.ru 
  pattern *.hflabs.ru 
  pattern mango-office.ru 
 
license udi pid CISCO881-SEC-K9 sn FCZ1534C6BT 
! 
! 
username newadmin privilege 15 secret 5 $1$OutE$GGojcvSnwBnFX1hEyHnDA0 
! 
! 
ip tcp synwait-time 10 
no ip ftp passive 
ip ssh time-out 60 
ip ssh authentication-retries 2 
! 
class-map type urlfilter match-any PermittedSites 
  match server-domain urlf-glob Oracle 
  match server-domain urlf-glob Google 
  match server-domain urlf-glob Trust 
  match server-domain urlf-glob Tsconsulting 
  match server-domain urlf-glob Microsoft 
  match server-domain urlf-glob Yandex 
  match server-domain urlf-glob Siebel 
  match server-domain urlf-glob Linux 
  match server-domain urlf-glob Intuit 
  match server-domain urlf-glob SQL 
  match server-domain urlf-glob Technoserv 
  match server-domain urlf-glob Tcsbank 
  match server-domain urlf-glob HF 
class-map type inspect match-all UDP 
  match access-group name UDP 
  match protocol udp 
class-map type inspect match-any Control 
  match protocol dns 
  match protocol icmp 
  match protocol l2tp 
  match protocol udp 
  match protocol https 
  match protocol tcp 
  match protocol ssh 
  match protocol telnet 
  match protocol pptp 
  match protocol http 
class-map type inspect match-all TCP 
  match access-group name TCP 
  match protocol tcp 
class-map type inspect match-any Web 
  match access-group name Limited 
  match protocol http 
class-map type inspect match-all GRE 
  match access-group name GRE 
class-map type inspect match-any Web2 
  match protocol http 
class-map type urlfilter match-any DeniedSites 
  match server-domain urlf-glob DeniedSites 
! 
! 
policy-map type inspect urlfilter SocialNetworking 
  parameter type urlfpolicy local URLFilter 
  class type urlfilter PermittedSites 
    allow 
    log 
  class type urlfilter DeniedSites 
    log 
    reset 
policy-map type inspect InsideToOutside 
  class type inspect Web 
    inspect 
    service-policy urlfilter SocialNetworking 
  class type inspect Control 
    inspect 
  class type inspect GRE 
    inspect 
  class class-default 
    pass 
policy-map type inspect OutsideToInside 
  class type inspect Control 
    inspect 
  class type inspect Web2 
    inspect 
  class type inspect GRE 
    inspect 
  class class-default 
    pass 
! 
zone security Inside 
zone security Outside 
zone-pair security Inside_to_Outside source Inside destination Outside 
  service-policy type inspect InsideToOutside 
zone-pair security Outside_to_Inside source Outside destination Inside 
  service-policy type inspect OutsideToInside 
! 
! 
! 
! 
! 
! 
! 
interface FastEthernet0 
  ! 
! 
interface FastEthernet1 
  ! 
! 
interface FastEthernet2 
  ! 
! 
interface FastEthernet3 
  ! 
! 
interface FastEthernet4 
  ip ddns update ccp_ddns1 
  ip address ххх.ххх.ххх.ххх 255.255.255.0 
  no ip redirects 
  no ip unreachables 
  no ip proxy-arp 
  ip flow ingress 
  ip nat outside 
  ip virtual-reassembly 
  zone-member security Outside 
  duplex auto 
  speed auto 
  no cdp enable 
  ! 
! 
interface Vlan1 
  ip address 10.10.10.1 255.255.255.0 
  ip flow ingress 
  ip nat inside 
  ip virtual-reassembly 
  zone-member security Inside 
  ! 
! 
ip forward-protocol nd 
ip http server 
ip http authentication local 
ip http secure-server 
ip http timeout-policy idle 60 life 86400 requests 10000 
! 
ip flow-export source FastEthernet4 
ip flow-export version 5 
ip flow-export destination 10.10.10.200 2345 
ip flow-top-talkers 
  top 20 
  sort-by bytes 
! 
ip dns server 
ip nat inside source list 1 interface FastEthernet4 overload 
ip nat inside source list 108 interface FastEthernet4 overload 
ip route 0.0.0.0 0.0.0.0 78.31.75.129 
ip route 0.0.0.0 0.0.0.0 91.214.242.1 
! 
ip access-list extended GRE 
  deny gre any any 
ip access-list extended Limited 
  deny tcp host 10.10.10.3 any eq www time-range TIME 
  deny tcp host 10.10.10.4 any eq www time-range TIME 
  deny tcp host 10.10.10.5 any eq www time-range TIME 
  deny tcp host 10.10.10.7 any eq www time-range TIME 
  deny tcp host 10.10.10.9 any eq www time-range TIME 
  deny tcp host 10.10.10.11 any eq www time-range TIME 
  deny tcp host 10.10.10.13 any eq www time-range TIME 
  deny tcp host 10.10.10.16 any eq www time-range TIME 
  deny tcp host 10.10.10.17 any eq www time-range TIME 
  deny tcp host 10.10.10.37 any eq www time-range TIME 
  deny tcp host 10.10.10.20 any eq www time-range TIME 
  deny tcp host 10.10.10.21 any eq www time-range TIME 
  deny tcp host 10.10.10.22 any eq www time-range TIME 
  deny tcp host 10.10.10.25 any eq www time-range TIME 
  deny tcp host 10.10.10.26 any eq www time-range TIME 
  deny tcp host 10.10.10.33 any eq www time-range TIME 
  deny tcp host 10.10.10.200 any eq www time-range TIME 
  permit tcp any any eq www 
! 
logging trap debugging 
access-list 1 remark INSIDE_IF=Vlan1 
access-list 1 remark CCP_ACL Category=2 
access-list 1 permit 10.10.10.0 0.0.0.255 
access-list 108 permit ip 10.10.10.0 0.0.0.255 any 
no cdp run 
! 
line con 0 
  no modem enable 
  transport output telnet 
line aux 0 
  transport output telnet 
line vty 0 4 
  privilege level 15 
  transport input telnet ssh 
! 
scheduler max-task-time 5000 
scheduler allocate 4000 1000 
scheduler interval 500 
time-range TIME 
  periodic weekdays 10:00 to 18:00 
! 
end