To configure the blacklist function:
To do...
1.
Enter system view.
2.
Enable the blacklist function.
3.
Add a blacklist entry.
NOTE:
add blacklist entries manually or configure the device to automatically add the IP addresses of detected
scanning attackers to the blacklist. For the latter purpose, enable the blacklist function for the device,
the scanning attack protection function, and the blacklist function for scanning attack protection. The
blacklist entries added by the scanning attack protection function are aged after the aging time, which
is configurable. For the configuration of scanning attack protection, see
attack protection
Enabling traffic statistics on an interface
To collect traffic statistics on an interface, enable the traffic statistics function on the interface. The device
supports traffic statistics in the following modes:
By direction, inbound or outbound—Collect statistics on packets received on or sent from an
•
interface.
By IP address, source IP address or destination IP address—Collect statistics on packets received on
•
an interface by source IP addresses or on packets sent from an interface by destination IP
addresses.
To enable traffic statistics on an interface:
To do...
1.
Enter system view.
2.
Enter interface view.
3.
Enable traffic statistics on the
interface.
Command...
system-view
blacklist enable
blacklist ip source-ip-address [
timeout minutes ]
policy."
Command...
system-view
interface interface-type interface-
number
flow-statistics enable { destination-
ip | inbound | outbound |
source-ip }
Remarks
—
Required.
Disabled by default.
Optional.
The scanning attack protection
function can add blacklist entries
automatically.
Remarks
—
—
Required
Disabled by default
397
"Configuring a scanning