Chapter 40 Reputation Filter
ZyWALL Series CLI Reference Guide
343
[no] category {anonymizers |
phishing | browser-exploits |
spam-urls | malicious-downloads
| spyware-adware-keyloggers |
malicious-sites}
The Zyxel Device considers DNS queries that match the specified category
to be malicious.
The no command means the Zyxel Device ignores DNS queries that match
the specified category.
description description Sets a description for the profile. You can use up to 60 printable ASCII
characters.
[no] description Deletes the description for this profile.
[no] log The Zyxel Device generates a log message when it detects a malicious DNS
query packet.
The no command means the Zyxel Device does not generate a log
message or alert when it detects a malicious DNS query packet.
log-alert The Zyxel Device generates a log message and an alert when it detects a
malicious DNS query packet.
[no] white-list activate Enables or disables the DNS Threat Filter white list for this profile.
dns-filter rename
old_profile_name
new_profile_name
Renames the DNS Threat Filter profile.
dns-filter redirect-ip
default
Sets the redirect IPv4 address for malicious DNS queries to the default,
which is the IP address of the DNS Threat Filter server
(dnsft.cloud.zyxel.com).
This setting is used when
dns-filter profile > action is set to
redirect.
dns-filter redirect-ip
custom IPv4
Sets the redirect IP address for malicious DNS queries to the specified IPv4
address.
This setting is used when
dns-filter profile > action is set to
redirect.
[no] dns-filter statistics
collect
Turns the collection of DNS Threat Filter blocking statistics on or off.
dns-filter statistics flush
Clears the collected IP blocking statistics.
[no] dns-filter white-list
activate
Enables or disables the DNS Threat Filter white list.
The Zyxel Device treats all FQDNs in the white list as non-malicious, and
does not apply DNS Threat Filter rules when they are queried.
dns-filter white-list FQDN
{activate|deactivate}
Activates or deactivates the specified Fully Qualified Domain Name
(FQDN) in the DNS Threat Filter white list.
If the FQDN is not already in the white list, the Zyxel Device adds it.
FQDN example: www.zyxel.com.tw
no dns-filter white-list
FQDN
Removes the specified Fully Qualified Domain Name (FQDN) from the DNS
Threat Filter white list.
dns-filter white-list
replace <1..256> FQDN
{activate|deactivate}
Replaces the Fully Qualified Domain Name (FQDN) of the specified entry
with a new one in the DNS Threat Filter white list.
show dns-filter {white-
list|black-list}
Displays the current DNS Threat Filter white or black list.
show dns-filter dashboard
statistics summary
Displays the total number of Fully Qualified Domain Names (FQDNs) that
the Zyxel Device has scanned, and the number of malicious FQDNs
detected, as displayed on the Web Configurator dashboard.
Table 188 DNS Threat Filter Commands (continued)
COMMAND DESCRIPTION
To Next Page
Loading...
