FAQ: How to exclude some ip from black list after configuring attack defense?

Publication Date:  2012-09-10 Views:  189 Downloads:  0
Issue Description
User configured attack defense, and enable black list. So firewall adds the doubtful ip into black list. But some customers’ ip addresses, also have high access frequency, are expected to add into white list.
Alarm Information
Null
Handling Process
firewall blacklist enable acl 3500 // the acl of blacklist
[USG2110_F]dis acl 3500
Advanced ACL 3500, 41 rules
Acl's step is 5
rule 5 permit ip source 119.255.129.3 0 (12 times matched)
// write the ip addresses which no need to add into black list into acl

It’s noticed that firewall would not block the flow permitted by ACL rule.
Root Cause
Because of no white list, do it by another way.
Suggestions
Null

END