563
Examples
# Enable the global blacklist function.
<Sysname> system-view
[Sysname] blacklist global enable
Related commands
• blacklist enable
• blacklist ip
blacklist ip
Use blacklist ip to add an IPv4 blacklist entry.
Use undo blacklist ip to delete a manually added IPv4 blacklist entry.
Syntax
blacklist ip source-ip-address [ vpn-instance vpn-instance-name ] [ timeout minutes ]
undo blacklist ip source-ip-address [ vpn-instance vpn-instance-name ]
Default
No IPv4 blacklist entry exists.
Views
System view
Predefined user roles
network-admin
Parameters
source-ip-address: Specifies an IPv4 address for the blacklist entry. Packets sourced from this address will
be blacklisted.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the blacklist entry belongs.
The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. Do not specify this
option if the specified IP address is on the public network.
timeout minutes: Sets the aging time in minutes for the blacklist entry, in the range of 1 to 1000. If you
do not specify this option, the blacklist entry never ages out. You can delete it manually.
Usage guidelines
The undo blacklist ip command deletes only manually added IPv4 blacklist entries. To delete dynamically
added IPv4 blacklist entries, use the reset blacklist ip command.
A blacklist entry with an aging time is not saved to the configuration file and cannot survive a reboot.
You can use the display blacklist ip command to display all effective IPv4 blacklist entries.
Examples
# Add a blacklist entry for the IP address 192.168.1.2 and set the aging time to 20 minutes for the entry.
<Sysname> system-view
[Sysname] blacklist ip 192.168.1.2 timeout 20
Related commands
• blacklist enable
To Next Page
Loading...
Need help?
General
