No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
Knowledge Base

FAQ: How to exclude some ip from black list after configuring attack defense?

Publication Date:  2012-09-10  |   Views:  747  |   Downloads:  0  |   Author:  l00227919  |   Document ID:  EKB1000014240

Contents

Issue Description

User configured attack defense, and enable black list. So firewall adds the doubtful ip into black list. But some customers’ ip addresses, also have high access frequency, are expected to add into white list.

Alarm Information

Null

Handling Process

firewall blacklist enable acl 3500 // the acl of blacklist
[USG2110_F]dis acl 3500
Advanced ACL 3500, 41 rules
Acl's step is 5
rule 5 permit ip source 119.255.129.3 0 (12 times matched)
// write the ip addresses which no need to add into black list into acl

It’s noticed that firewall would not block the flow permitted by ACL rule.

Root Cause

Because of no white list, do it by another way.

Suggestions

Null