No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>


To have a better experience, please upgrade your IE browser.


FAQ: How to exclude some ip from black list after configuring attack defense?

Publication Date:  2012-09-10 Views:  418 Downloads:  0
Issue Description
User configured attack defense, and enable black list. So firewall adds the doubtful ip into black list. But some customers’ ip addresses, also have high access frequency, are expected to add into white list.
Alarm Information
Handling Process
firewall blacklist enable acl 3500 // the acl of blacklist
[USG2110_F]dis acl 3500
Advanced ACL 3500, 41 rules
Acl's step is 5
rule 5 permit ip source 0 (12 times matched)
// write the ip addresses which no need to add into black list into acl

It’s noticed that firewall would not block the flow permitted by ACL rule.
Root Cause
Because of no white list, do it by another way.