User enabled attack defense enables blacklist function of firewall, but users from internal network added into blacklist sometimes and can’t access the internet, what we want is to remove internal network address from blacklist and make user away from the influence of blacklist.
1、 Binding acl when enable blacklist for implement according to requires from customer.
firewall blacklist enable acl-number ?
INTEGER<2000-2999> Specify the basic ACL
INTEGER<3000-3999> Specify the advanced ACL
2、 for example: internal network of customer is 192.168.1.0/24 network segment, if 192.168.1.0/24 network segment wants to get away from the influence of blacklist, the configuration is:
acl number 3000
rule 5 permit ip source 192.168.1.0 0.0.0.255
rule 10 deny ip
firewall blacklist enable acl-number 3000
the theory of implement is reference a ACL when configure blacklist function, for message from blacklist ip address, if the defined action in ACL is permit, then go on forwarding, if the defined action in ACL is deny, then dropping this message.