Configuring Blacklist And Whitelist; Configuring Static Lists; Configuring Dynamic Blacklist - H3C MSR Series Configuration Manual

Task
Clear the history of attacks
detected by the WLAN system.
Clear the statistics of attacks
detected in the WLAN system.

Configuring blacklist and whitelist

Perform this task to configure the static blacklist, static white list, enable dynamic blacklist feature,
and configure the lifetime for dynamic entries.
•
WLAN IDS permits devices present in the static white list. You can add entries into or delete
entries from the list.
•
WLAN IDS denies devices present in the static blacklist. You can add entries into or delete
entries from the list.
•
WLAN IDS adds dynamically detected attack devices into the dynamic blacklist. You can set a
lifetime in seconds for dynamic blacklist entries. After the lifetime of an entry expires, the device
entry will be removed from the dynamic blacklist. If a flood attack from the device is detected
again before the lifetime expires, the entry is refreshed.

Configuring static lists

Step
1. Enter system view.
2. Enter WLAN IDS view.
3. Add an entry into the white
list.
4. Add an entry into the static
blacklist.

Configuring dynamic blacklist

Step
1. Enter system view.
2. Enter WLAN IDS view.
3. Enable the dynamic blacklist
feature.
4. Configure the lifetime for
dynamic blacklist entries.
Command
reset wlan ids history
reset wlan ids statistics
Command
system-view
wlan ids
whitelist mac-address
mac-address
static-blacklist mac-address
mac-address
Command
system-view
wlan ids
dynamic-blacklist enable
dynamic-blacklist lifetime
lifetime
59
Remarks
Available in user view.
Available in user view.
Remarks
N/A
N/A
Optional.
By default, no white list exists.
Optional.
By default, no static blacklist
exists.
Remarks
N/A
N/A
Optional.
By default, the dynamic blacklist
feature is disabled.
Optional.
By default, the lifetime is 300
seconds.