Blacklist configuration example, Network requirements, Configuration procedure – H3C Technologies H3C SecBlade IPS Cards User Manual
Page 201: Table 19-3
19-3
Table 19-3 Detailed information of the blacklist entry list
Item
Description
Segment Id
ID of the segment applied to the blacklist entry
Direction
Direction of the segment applied to the blacklist entry
Source IP
Source IP address of the blacklist entry
Lifetime
Lifetime of the blacklist entry
Adding Mode
Adding mode the blacklist entry
Added at
Creation time of the blacklist entry, showing when the entry was added.
Policy
Name of the policy applied to the blacklist entry
An en dash (–) is displayed if no policy is applied to the entry. For example, a manually
added entry does not have a policy applied to it.
Rule
Name of the rule applied to the blacklist entry
z
An en dash is displayed if no rule is applied to the entry. For example, a manually added
entry does not have a rule applied to it.
z
If a bandwidth management rule is applied to the entry, the name of the service that
matches the rule is displayed.
Hit Count
Number of packets matching the conditions as configured for the blacklist entry
Blacklist configuration task list
.
Blacklist Configuration Example
Network requirements
z
The host locates at the outbound direction of segment 0 while the server locates at the inbound
direction.
z
Configure the IPS so that it filters all the packets sourced from the host in an hour.
Figure 19-3 Network diagram for blacklist configuration
Configuration procedure
# Add a blacklist entry on the IPS.
z
Select Blacklist > Blacklist Management in the navigation tree, and then click Add in the page as
shown in
. Configure the items shown in