Configuring a Blacklisted Entry (NSM Procedure)

To configure a blacklisted entry:

  1. In the NSM navigation tree, click Device Manager > Devices.
  2. Select an ISG1000, ISG2000, NetScreen–5200, or NetScreen–5400 device.
  3. Click the Edit icon to edit the device. The Device dialog box for the selected device appears.
  4. In the device navigation tree, click Advanced > CPU > Blacklist/Throttling Threshold. Click the Add icon. The New Blacklist Entry dialog box appears.
  5. Modify the settings as described in Table 11. Click OK.

    Table 11: Blacklist Configuration Fields

    Field

    Description

    ID

    The ID of the blacklist is generated automatically.

    Source IP

    The source IP address from which the DoS attack traffic originated.

    Destination IP

    The destination IP address.

    Source Port

    The source port in a TCP or UDP session. Set this to 0 to match all ports.

    Destination Port

    The destination port in a TCP or UDP session. Set this to 0 to match all ports.

    Protocol

    The source port and destination port are valid only when you have set the protocol as UDP or TCP. Set this value to 0 to match any protocol.

    Source IP Net Mask

    The range is 0-32. Set this field to 0 to match all source IP addresses.

    Destination IP Mask

    The range is 0-32. Set this field to 0 to match all destination IP addresses.

    Note: A blacklist with 0 timeout will not expire.

Related Documentation