Controls the IP blacklist in SecureXL. The blacklist blocks all traffic to and from the specified IP addresses.
The blacklist drops occur in SecureXL, which is more efficient than an Access Control Policy to drop the packets.
This can be very helpful e.g. with DoS attacks to block an IP on SecureXL level.
For example, the traffic from and to IP 220.127.116.11 should be blocked at SecureXL level.
On gateway set the IP 18.104.22.168 to Secure XL blacklist:
# fwaccel dos blacklist -a 22.214.171.124
On gateway displays all IP's on the SecureXL blacklist:
# fwaccel dos blacklist -s
On gateway delete the IP 126.96.36.199 from Secure XL blacklist:
# fwaccel dos blacklist -d 188.8.131.52
Very nice new function in R80.20!
Furthermore there are also the Penalty Box whitelist in SecureXL.
The SecureXL Penalty Box is a mechanism that performs an early drop of packets that arrive from suspected sources. The purpose of this feature is to allow the Security Gateway to cope better under high traffic load, possibly caused by a DoS/DDoS attack. The SecureXL Penalty Box detects clients that sends packets, which the Access Control Policy drops, and clients that violate the IPS protections. If the SecureXL Penalty Box detect a specific client frequently, it puts that client in a penalty box. From that point, SecureXL drops all packets that arrive from the blocked source IP address. The Penalty Box whitelist in SecureXL lets you configure the source IP addresses, which the SecureXL Penalty Box never blocks.
More under this link:
Command Line Interface R80.20 Reference Guide
➜ CCSM Elite, CCME, CCTE