Download Virata CLI
Transcript
This command displays:
- the IP address of the blacklisted host
- the reason for blacklisting the host
- the IP Filter rule ID which caused the blacklisting (valid only if blacklisted due to a service protection violation)
- the time duration, in seconds, after which the IP address entry will be removed from this table

Deleting a Blacklisted host

To delete a blacklisted host, enter:

delete fwl blacklist ip <ddd.ddd.ddd.ddd>

Enabling or disabling Blacklisting

Using the relevant parameters of the modify fwl global command described above, you can enable or disable blacklisting and configure the duration for blacklisting an attacking host. With the same command you can also configure the percentage of total connections that can be in a TCP half-open state, the percentage of total connections that can be ICMP connections, and the maximum percentage of connections from a single host.

13.3 IP Filtering and IP Sessions

This section provides details about the Titanium unit's IP filtering capability and how to configure the rules for IP filtering.

The Titanium unit's IP filtering feature allows it to examine each packet traveling in either direction (incoming or outgoing) on an interface and to filter out packets based on rules that you define. Because the IP filter scans packets at the IP layer, it can be used only in the routing mode.

A rule can be configured to apply on a specific interface or on all interfaces, but it applies in only one direction (in or out). However, this does not hold for rules with the "storestate" feature, because they are applied in both directions.

Each rule is assigned an ID. Rule IDs must be unique. These IDs determine the order in which rules are matched: from the lowest number to the highest.
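The following Python model is an added example, not code from the Titanium documentation or firmware. It illustrates the rule semantics described above: unique rule IDs, evaluation from lowest to highest ID, per-interface or all-interface scope, one direction per rule, and storestate rules applying in both directions. The first-match-wins behaviour, the default action, the action names, the interface name and the session-tracking model of storestate are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    rule_id: int
    direction: str                 # "in" or "out"
    action: str                    # "accept"/"deny" are assumed action names
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    ifname: Optional[str] = None   # None = rule applies on all interfaces
    storestate: bool = False

@dataclass(frozen=True)
class Packet:
    ifname: str
    direction: str
    src: str
    dst: str

class IpFilter:
    def __init__(self, rules, default="deny"):   # default action is an assumption
        ids = [r.rule_id for r in rules]
        if len(ids) != len(set(ids)):
            raise ValueError("rule IDs must be unique")
        self.rules = sorted(rules, key=lambda r: r.rule_id)  # lowest ID first
        self.default = default
        self.sessions = set()   # (rule_id, reply_src, reply_dst) kept by storestate rules

    def check(self, pkt):
        """Return (matching rule ID or None, action); first match wins (assumption)."""
        for r in self.rules:
            if r.ifname not in (None, pkt.ifname):
                continue
            if (r.direction == pkt.direction
                    and ip_address(pkt.src) in ip_network(r.src)
                    and ip_address(pkt.dst) in ip_network(r.dst)):
                if r.storestate:    # remember the session so the reply also matches
                    self.sessions.add((r.rule_id, pkt.dst, pkt.src))
                return r.rule_id, r.action
            if (r.storestate and r.direction != pkt.direction
                    and (r.rule_id, pkt.src, pkt.dst) in self.sessions):
                return r.rule_id, r.action   # opposite direction of a stored session
        return None, self.default

# Constructed rule set, deliberately listed out of ID order; "wan0" is a made-up name.
RULES = [
    Rule(30, "in", "accept", src="203.0.113.7/32"),   # never reached: rule 20 matches first
    Rule(20, "in", "deny"),                            # all interfaces, any address
    Rule(10, "out", "accept", src="192.168.1.0/24", ifname="wan0", storestate=True),
]
```

In this model rule 30 is shadowed by the broader rule 20 because of its higher ID, which is the kind of ordering mistake worth checking for when assigning rule IDs.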