1-9
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring the Botnet Traffic Filter
Configuring the Botnet Traffic Filter
hostname(config)# dynamic-filter use-database
What to Do Next
See the “Adding Entries to the Static Database” section on page 1-9.
Adding Entries to the Static Database
The static database lets you augment the dynamic database with domain names or IP addresses that you
want to blacklist or whitelist. Static blacklist entries are always designated with a Very High threat level.
See the “Information About the Static Database” section on page 1-3 for more information.
Prerequisites
• In multiple context mode, perform this procedure in the context execution space.
• Enable ASA use of a DNS server according to the “Configuring the DNS Server” section on
page 14-11.
Detailed Steps
Command Purpose
Step 1
dynamic-filter blacklist
Example:
hostname(config)# dynamic-filter blacklist
Edits the Botnet Traffic Filter blacklist.
Step 2
Enter one or both of the following:
name domain_name
Example:
hostname(config-llist)# name bad.example.com
Adds a name to the blacklist. You can enter this
command multiple times for multiple entries. You can
add up to 1000 blacklist entries.
address ip_address mask
Example:
hostname(config-llist)# address 10.1.1.1
255.255.255.255
Adds an IP address to the blacklist. You can enter this
command multiple times for multiple entries. The
mask can be for a single host or for a subnet.
Step 3
dynamic-filter whitelist
Example:
hostname(config)# dynamic-filter whitelist
Edits the Botnet Traffic Filter whitelist.
Step 4
Enter one or both of the following:
To Next Page
Loading...
Need help?
General
