acl number 3000
 description ANTI-VIRUS
 rule 1 deny tcp destination-port eq 135
 rule 2 deny tcp destination-port eq 137
 rule 3 deny tcp destination-port eq 138
 rule 4 deny tcp destination-port eq 139
 rule 5 deny tcp destination-port eq 445
 rule 6 deny tcp destination-port eq 5554
 rule 7 deny tcp destination-port eq 901
 rule 8 deny tcp destination-port eq 2745
 rule 9 deny tcp destination-port eq 3127
 rule 10 deny tcp destination-port eq 3128
 rule 11 deny tcp destination-port eq 6129
 rule 12 deny tcp destination-port eq 6667
 rule 13 deny tcp destination-port eq 4444
 rule 14 deny tcp destination-port eq 1025
 rule 15 deny tcp destination-port eq 593
 rule 16 deny udp destination-port eq 135
 rule 17 deny udp destination-port eq netbios-ns
 rule 18 deny udp destination-port eq netbios-dgm
 rule 19 deny udp destination-port eq netbios-ssn 
 rule 20 deny udp destination-port eq 445
 rule 21 deny udp destination-port eq 9995
 rule 22 deny udp destination-port eq 9996
 rule 23 deny udp destination-port eq 1434
 rule 40 permit ip
 traffic classifier anti_virus operator or 
   if-match acl 3000
traffic behavior anti_virus
traffic policy anti
   classifier anti_virus behavior anti_virus
interface GigabitEthernet2/0/0
   traffic-policy anti inbound

good to know

nice

good doc

thanks for share

very nice

useful document, thanks