Installation guide
Appendix A Command Line Tools
Table A.2 NGFW Engine Command Line Tools (Continued)

Command:
sg-blacklist
  show [-v] [-f FILENAME] |
  add [
    [-i FILENAME] |
    [src IP_ADDRESS/MASK]
    [src6 IPv6_ADDRESS/PREFIX]
    [dst IP_ADDRESS/MASK]
    [dst6 IPv6_ADDRESS/PREFIX]
    [proto {tcp|udp|icmp|NUM}]
    [srcport PORT{-PORT}]
    [dstport PORT{-PORT}]
    [duration NUM]
  ] |
  del [
    [-i FILENAME] |
    [src IP_ADDRESS/MASK]
    [src6 IPv6_ADDRESS/PREFIX]
    [dst IP_ADDRESS/MASK]
    [dst6 IPv6_ADDRESS/PREFIX]
    [proto {tcp|udp|icmp|NUM}]
    [srcport PORT{-PORT}]
    [dstport PORT{-PORT}]
    [duration NUM]
  ] |
  iddel NODE_ID ID |
  flush

Engine Role:
Firewall, Layer 2 Firewall, IPS

Description:
Used to view, add, or delete active blacklist entries. The blacklist
is applied as defined in Access Rules.

Commands:

show displays the current active blacklist entries in the format:
engine node ID | blacklist entry ID | (internal) | entry creation time
| (internal) | address and port match | originally set duration |
(internal) | (internal). Use the -f option to specify a storage file
to view (/data/blacklist/db_<number>). The -v option adds operation
details to the output.

add creates a new blacklist entry. Enter the parameters (see
below) or use the -i option to import parameters from a file.

del deletes the first matching blacklist entry. Enter the
parameters (see below) or use the -i option to import
parameters from a file.

iddel NODE_ID ID removes one specific blacklist entry on
one specific engine. NODE_ID is the engine’s ID, ID is the
blacklist entry’s ID (as shown by the show command).

flush deletes all blacklist entries.
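
Added example (not part of the original guide or the product): a shell helper that reads show output in the nine-field layout described above and prints the iddel NODE_ID ID command for each entry that matches a given address, so single entries can be removed per engine. The function names, the constructed sample lines, numeric IDs, the timestamp format and the space-separated contents of the address and port match field are assumptions.

```shell
#!/bin/sh
# Added example: turn `sg-blacklist show` output into reviewable iddel commands.
# Field order per the description above:
#   1 node ID | 2 entry ID | 3 (internal) | 4 creation time | 5 (internal)
#   | 6 address and port match | 7 duration | 8 (internal) | 9 (internal)

# blacklist_iddel_cmds TOKEN   (hypothetical helper name)
#   Reads show output on stdin and prints one iddel command per entry whose
#   field 6 contains TOKEN as a whole space-separated word. Malformed lines
#   are reported on stderr and skipped.
blacklist_iddel_cmds() {
    awk -F'|' -v want="$1" '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        /^[ \t]*$/ { next }
        NF != 9 {
            printf "skipped line %d: expected 9 fields, got %d\n", NR, NF > "/dev/stderr"
            next
        }
        {
            node = trim($1); id = trim($2)
            # Assumption: both IDs are plain integers. Anything else is
            # rejected before it can reach a command line.
            if (node !~ /^[0-9]+$/ || id !~ /^[0-9]+$/) {
                printf "skipped line %d: non-numeric ID\n", NR > "/dev/stderr"
                next
            }
            # Whole-token compare, so 192.0.2.1 does not match 192.0.2.10/32.
            n = split(trim($6), tok, /[ \t]+/)
            for (i = 1; i <= n; i++)
                if (tok[i] == want) { printf "sg-blacklist iddel %s %s\n", node, id; break }
        }'
}

# Constructed sample in the documented layout; real field contents may differ.
sample_show_output() {
    cat <<'EOF'
1 | 12 | 0 | 2024-01-01 10:00:00 | 0 | src 192.0.2.10/32 proto tcp dstport 80 | 3600 | 0 | 0
2 | 12 | 0 | 2024-01-01 10:00:00 | 0 | src 192.0.2.10/32 proto tcp dstport 80 | 3600 | 0 | 0
1 | 13 | 0 | 2024-01-01 10:05:00 | 0 | src 198.51.100.7/32 | 600 | 0 | 0
truncated | line
EOF
}

# On an engine the input would come from: sg-blacklist show
sample_show_output | blacklist_iddel_cmds "192.0.2.10/32"
```

The helper only prints the commands, so they can be reviewed before any entry is removed.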