4.5. Blacklisting

The function of blacklisting is to block some or all packets from a host or network. This is done in the "Blacklist" category. To create a blacklist simply click on "Create a Blacklist Entry" and a pop-up menu will appear. Enter the host IP or the network in CIDR notation. Choose between all protocols or specify either TCP or UDP. When specifying an protocol make sure the correct radio button is selected. The same goes for ports, you can choose all ports or specify a particular port. Click on "Create Entry" and you should now see the in the Blacklist WebTool page. In our example there is a malicious user on the host in which I blocked all ports and all protocols sourced by this host.

Figure 4-10. Blacklist Rule

This procedure only defines an entity to be blacklisted. It by itself does not turn blacklisting on. To enable the blacklisting function you must go back to the "General Configuration" (Section 4.1) firewall category and check the blacklisting check box for the appropriate interface followed by clicking on "Save Configuration".