刚才忽然想到一个有意思的小应用，随笔记录下来。

目的：用于检查路由器交换机曾经被登陆的次数

interface Ethernet0/0

 ip address 202.58.14.179 255.255.255.248

 ip access-group login-times-checkin in

 full-duplex

ip access-list extended login-times-checkin

 permit tcp any any eq telnet established

 permit tcp any any eq 22 established

 permit tcp any any eq 22

 permit tcp any any eq telnet

 permit ip any any

(1)未进行SSH Telnet登陆时的match包数量

SHF#show access-lists

Extended IP access list login-times-checkin

    10 permit tcp any any eq telnet established (15 matches)

    20 permit tcp any any eq 22 established (195 matches)

    30 permit tcp any any eq 22

    40 permit tcp any any eq telnet

    50 permit ip any any (105 matches)

(2)进行一次SSH 一次Telnet登陆后的match包数量

SHF#show access-lists

Extended IP access list login-times-checkin

    10 permit tcp any any eq telnet established (30 matches)

    20 permit tcp any any eq 22 established (204 matches)

    30 permit tcp any any eq 22 (3 matches)

    40 permit tcp any any eq telnet (3 matches)

    50 permit ip any any (157 matches)

(3)进行二次SSH 二次Telnet登陆后的match包数量

SHF#show access-lists

Extended IP access list login-times-checkin

    10 permit tcp any any eq telnet established (51 matches)

    20 permit tcp any any eq 22 established (186 matches)

    30 permit tcp any any eq 22 (6 matches)

    40 permit tcp any any eq telnet (6 matches)

    50 permit ip any any (47 matches)