Modifying the Database
Besides enabling and disabling IP Reputation processing as a whole (See above), you can also
enable and disable IP reputation for each for specific IP addresses. This is typically called
“blacklisting” and “whitelisting”:
l
Blacklisting: specifying a list of IP addresses not contained in the IRDB that will be blocked.
l
Whitelisting: specifying a list of IP addresses contained in the IRDB that will never be
blocked.
Blacklisting Client IP Addresses
It is possible that you may want to block one or more IP addresses that do not appear in the IRDB.
You can essentially add IP addresses to the IRDB by creating a "blacklist", or list of IP addresses
that will be blocked as if they appeared in the IRDB. The
block
command blocks all IRDB inbound
IPs in the specified category or list of IP addresses.
The following examples demonstrated how to block a single IP or a list of IPs. A list is comma
separated as shown in the example below:
eqcli >
reputation blacklist 172.16.1.170,172.16.1.175,172.16.3.245
Verify your entry by entering:
eqcli >
show reputation blacklist
Blocked IP Name
Start IP Address
End IP Address
Blocked Direction
172.16.1.170
172.16.1.170
172.16.1.170
inbound
172.16.1.175
172.16.1.175
172.16.1.175
inbound
172.16.3.245
172.16.3.245
172.16.3.245
inbound
eqcli >
You could also enter a range of IP addresses to block. If, for example, you enter
10.0.0.5 -
10.0.0.11
, all the addresses from 10.0.0.5 to 10.0.0.11 will be blocked.The format below is
used:
eqcli >
reputation blacklist
start IP
-
end IP
You can also enter a range of ip addresses using CIDR notation. For example, you could enter the
following:
eqcli >
reputation blacklist 192.168.100.0/22
Copyright © 2014 Coyote Point Systems, A Subsidiary of Fortinet, Inc.
All Rights Reserved.
257
Equalizer Administration Guide
Содержание Equalizer GX Series
Страница 18: ......
Страница 32: ...Overview 32 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Страница 42: ......
Страница 52: ......
Страница 64: ......
Страница 72: ......
Страница 76: ......
Страница 123: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 123 Equalizer Administration Guide ...
Страница 228: ......
Страница 238: ......
Страница 411: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 411 Equalizer Administration Guide ...
Страница 459: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 459 Equalizer Administration Guide ...
Страница 476: ......
Страница 492: ......
Страница 530: ......
Страница 614: ......
Страница 626: ......
Страница 638: ......
Страница 678: ......
Страница 732: ...Using SNMP Traps 732 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Страница 754: ......
Страница 790: ......
Страница 804: ......
Страница 842: ......
Страница 847: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 847 Equalizer Administration Guide ...
Страница 866: ......