565
blacklist logging enable
Use blacklist logging enable to enable logging for the blacklist function.
Use undo blacklist logging enable to disable logging for the blacklist function.
Syntax
blacklist logging enable
undo blacklist logging enable
Default
Logging is disabled for the blacklist function.
Views
System view
Predefined user roles
network-admin
Usage guidelines
With logging enabled for the blacklist function, the system outputs logs in the following situations:
• A blacklist entry is manually added.
• A blacklist entry is dynamically added by the scanning attack detection function.
• A blacklist entry is manually deleted.
• A blacklist entry ages out.
A blacklist log records the following information:
• Source IP address of the blacklist entry.
• Remote IP address of the DS-Lite tunnel.
• VPN instance name.
• Reason for adding or deleting the blacklist entry.
• Aging time for the blacklist entry.
Examples
# Enable logging for the blacklist function.
<Sysname> system-view
[Sysname] blacklist logging enable
# Add 192.168.1.2 to the blacklist. A log is output for the adding event.
[Sysname] blacklist ip 192.168.100.12
%Mar 13 03:47:49:736 2013 Sysname BLS/5/BLS_ENTRY_ADD:SrcIPAddr(1003)=192.168.100.12;
DSLiteTunnelPeer(1040)=--; RcvVPNInstance(1041)=; TTL(1051)=;
Reason(1052)=Configuration.
# Delete 192.168.1.2 from the blacklist. A log is output for the deletion event.
[Sysname] undo blacklist ip 192.168.100.12
%Mar 13 03:49:52:737 2013 Sysname BLS/5/BLS_ENTRY_DEL:SrcIPAddr(1003)=192.168.100.12;
DSLiteTunnelPeer(1040)=--; RcvVPNInstance(1041)=; Reason(1052)=Configuration.
Related commands
• blacklist ip
To Next Page
Loading...
Need help?
General
