aiwaf-add-ip-blacklist-rule
Add a client IP address to the specified IP blacklist on the AIWAF device.
aiwaf-add-ip-blacklist-rule [profile=PROFILE] name=NAME src-addrs=SRC-ADDRS [dst-addrs=DST-ADDRS] [exempt-addrs=EXEMPT-ADDRS] [action=ACTION] [block-page-id=BLOCK-PAGE-ID] [is-log-enabled=IS-LOG-ENABLED] [is-mail-enabled=IS-MAIL-ENABLED] [severity=SEVERITY] [description=DESCRIPTION] [commit=COMMIT]
- profile=PROFILE
- Connect profile code of AIWAF device.
- name=NAME
- e.g. Blacklist Rule #5
- src-addrs=SRC-ADDRS
- Comma separated client IP addresses. Use hyphen to specify IP range. e.g. 10.0.0.1-10.0.0.255
- dst-addrs=DST-ADDRS
- Comma separated server IP:port or IP1-IP2:port pairs. e.g. 172.20.0.1-172.20.0.255:443
- exempt-addrs=EXEMPT-ADDRS
- Comma separated exempt IP addresses. Use hyphen to specify IP range.
- action=ACTION
- DETECT or BLOCK
- block-page-id=BLOCK-PAGE-ID
- ID of the block page to display when the rule is triggered.
- is-log-enabled=IS-LOG-ENABLED
- Whether to create logs. Specify 't' for true, 'f' for false.
- is-mail-enabled=IS-MAIL-ENABLED
- Whether to send mail. Specify 't' for true, 'f' for false.
- severity=SEVERITY
- low, medium, high or critical.
- description=DESCRIPTION
- e.g. Block suspicious IPs
- commit=COMMIT
- Specify 't' to commit immediately. 'f' by default.
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| profile | String | Connect profile | Connect profile code of AIWAF device. |
| id | Integer | IP blacklist ID | IP blacklist rule ID |