bluemax-ips-add-blacklist-rule-batch
Add new blacklist IP to the BLUEMAX IPS device in batch.
The attributes are read from each input row. After processing all rows, invoke bluemax-ips-blacklist-commit to apply pending changes. 'src_port', 'dst_port' fields are read from each row (optional, 1-65535). expiry, protocol, and description can be specified as command options. Per-row result is written to '_result' ('success' or 'fail') and '_error' fields.
Valid field combinations by block type:
- src_ip - Source IP block
- dst_ip - Destination IP block
- src_ip + dst_ip - IP pair block
- src_ip + dst_port + protocol - Source service block
- dst_ip + dst_port + protocol - Destination service block
- src_ip + dst_ip + dst_port + protocol - IP pair service block
- src_ip + src_port + dst_ip + dst_port + protocol - Full session block
bluemax-ips-add-blacklist-rule-batch profile=VALUE expiry=VALUE [protocol=VALUE] [description=VALUE]
- profile=VALUE
- Required. Connect profile name of BLUEMAX IPS
- expiry=VALUE
- Required. Expiry period using s(second), m(minute), h(hour), d(day), mon(month) time unit. For example,
12hmeans 12 hours. Maximum 10 years. Applied to all rows if specified. - protocol=VALUE
- Optional. TCP, UDP, or ICMP. Applied to all rows if specified.
- description=VALUE
- Optional. Rule description. Applied to all rows if specified.
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| id | Integer | Rule ID | ID of the created blacklist rule. |
| ip_ver | Integer | IP version | e.g. 4 or 6 |
| block_type | String | Block type | Blocking method (e.g. src_ip_block, dst_ip_block, session_block). |
| src_ip | IP | Source IP | Source IP address to be blocked. |
| src_port | Integer | Source port | Source port to be blocked. |
| dst_ip | IP | Destination IP | Destination IP address to be blocked. |
| dst_port | Integer | Destination port | Destination port to be blocked. |
| protocol | String | Protocol | Protocol (TCP/UDP/ICMP). |
| expiry | Date | Expiry date | Block sessions until expiry date. |
| description | String | Description | Blacklist description. |
| _result | String | Result | 'success' when the rule is added, 'fail' otherwise. |
| _error | String | Error | Error message when _result is 'fail'. |