Adding entries to the static database, Adding entries to the static database” section on – Cisco ASA 5505 User Manual
Page 1173
55-9
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 55 Configuring the Botnet Traffic Filter
Configuring the Botnet Traffic Filter
Adding Entries to the Static Database
The static database lets you augment the dynamic database with domain names or IP addresses that you
want to blacklist or whitelist. Static blacklist entries are always designated with a Very High threat level.
See the
“Information About the Static Database” section on page 55-3
for more information.
Prerequisites
•
In multiple context mode, perform this procedure in the context execution space.
•
Enable ASA use of a DNS server according to the
“Configuring the DNS Server” section on
.
Detailed Steps
Command
Purpose
Step 1
dynamic-filter blacklist
Example:
hostname(config)# dynamic-filter blacklist
Edits the Botnet Traffic Filter blacklist.
Step 2
Enter one or both of the following:
name
domain_name
Example:
hostname(config-llist)# name bad.example.com
Adds a name to the blacklist. You can enter this
command multiple times for multiple entries. You can
add up to 1000 blacklist entries.
address
ip_address mask
Example:
hostname(config-llist)# address 10.1.1.1
255.255.255.255
Adds an IP address to the blacklist. You can enter this
command multiple times for multiple entries. The
mask can be for a single host or for a subnet.
Step 3
dynamic-filter whitelist
Example:
hostname(config)# dynamic-filter whitelist
Edits the Botnet Traffic Filter whitelist.
Step 4
Enter one or both of the following: