04-08-2013 10:23 AM
Since you are able to Block the source and/or destination IP address as an action taken in a protection rule (IPS, Spyware, Zone protection etc...) is there a way to reset the timer before the elapsed time has been reached. If you block for 3600 seconds and find out 5 minutes after the event took place that it is a false alarm do you have the ability to allow access through the issuance of a command or do you have to wait it out?
Phil
04-08-2013 10:44 AM
You can clear the DoS table:
debug dataplane show dos block-table
clear dos-protection zone <sourcezone> blocked source <ip-addr>
04-08-2013 10:44 AM
You can clear the DoS table:
debug dataplane show dos block-table
clear dos-protection zone <sourcezone> blocked source <ip-addr>
04-08-2013 11:12 AM
Thanks sdarapuneni. That's great to know.
Phil
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
