IP blacklist configuration example

Network requirements

As shown in Figure 125, configure the IP blacklist feature on the device to block packets from the attacker Host D permanently and from Host C for 50 minutes.

Figure 124: Network diagram

Configuration procedure

# Configure IP addresses for the interfaces on the device. (Details not shown.)

# Enable the global blacklist feature.

<Device> system-view
[Device] blacklist global enable

# Add an IPv4 blacklist entry for Host D.

[Device] blacklist ip 5.5.5.5

# Add an IPv4 blacklist entry for Host C and set the blacklist entry aging time to 50 minutes.

[Device] blacklist ip 192.168.1.4 timeout 50

Verifying the configuration

# Verify that the IPv4 blacklist entries are successfully added.

<Device> display blacklist ip
IP address      VPN instance   DS-Lite tunnel peer  Type    TTL(sec) Dropped
5.5.5.5         --             --                   Manual  Never    0
192.168.1.4     --             --                   Manual  2989     0

# Verify that the device drops packets from Host D. (Details not shown.)

# Execute the undo blacklist ip 5.5.5.5 command and verify that the device forwards packets from Host D. (Details not shown.)

# Verify that the device drops packets from Host C for 50 minutes and forwards packets from Host C after 50 minutes. (Details not shown.)
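
The table check in the first verification step can be scripted. The following Python code is an added example, not part of the original guide: it parses captured display blacklist ip output and compares it with the network requirements (Host D permanent, Host C aging out within 50 minutes). The names parse_blacklist, audit and EXPECTED are this example's own, and the sample text is the output shown on this page.

```python
import re

# Sample input: the "display blacklist ip" output shown on this page.
SAMPLE = """\
IP address      VPN instance   DS-Lite tunnel peer  Type    TTL(sec) Dropped
5.5.5.5         --             --                   Manual  Never    0
192.168.1.4     --             --                   Manual  2989     0
"""

# Policy from the network requirements: None = permanent, else maximum TTL in seconds.
EXPECTED = {"5.5.5.5": None, "192.168.1.4": 50 * 60}

# One data row: IPv4, VPN instance, DS-Lite peer, type, TTL ("Never" or seconds), drop count.
ROW = re.compile(
    r"^(\d{1,3}(?:\.\d{1,3}){3})\s+(\S+)\s+(\S+)\s+(\S+)\s+(Never|\d+)\s+(\d+)\s*$")

def parse_blacklist(text):
    """Return {ip: {"type", "ttl", "dropped"}}; ttl is None for 'Never'."""
    entries = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header, blank lines, CLI prompts
        ip, _vpn, _peer, kind, ttl, dropped = m.groups()
        entries[ip] = {"type": kind,
                       "ttl": None if ttl == "Never" else int(ttl),
                       "dropped": int(dropped)}
    return entries

def audit(text, expected=EXPECTED):
    """Return a list of findings; an empty list means the table matches the policy."""
    entries = parse_blacklist(text)
    findings = []
    for ip, max_ttl in expected.items():
        e = entries.get(ip)
        if e is None:
            findings.append(f"{ip}: entry missing")
        elif max_ttl is None and e["ttl"] is not None:
            findings.append(f"{ip}: expected permanent entry, ages out in {e['ttl']}s")
        elif max_ttl is not None and e["ttl"] is None:
            findings.append(f"{ip}: expected aging entry, found permanent")
        elif max_ttl is not None and e["ttl"] > max_ttl:
            findings.append(f"{ip}: TTL {e['ttl']}s exceeds {max_ttl}s")
    for ip in sorted(entries.keys() - expected.keys()):
        findings.append(f"{ip}: unexpected entry")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE) or ["blacklist matches policy"]:
        print(finding)
```

An entry that was meant to be permanent but was added with a timeout shows up as a finding, which is the misconfiguration most likely to let a blocked host back in unnoticed.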