Help Center/ Cloud Firewall/ User Guide/ Configuring Access Control Policies to Control Traffic/ Managing Access Control Policies/ Managing the Blacklist and the Whitelist
Updated on 2024-10-09 GMT+08:00
View PDF
Share

Managing the Blacklist and the Whitelist

This section describes how to edit and remove items in a blacklist or whitelist.

Editing the Blacklist or Whitelist

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. In the navigation pane on the left, click and choose Security & Compliance > Cloud Firewall. The Dashboard page will be displayed.
  4. (Optional) Switch firewall instance: Select a firewall from the drop-down list in the upper left corner of the page.
  5. In the navigation pane, choose Access Control > Access Policies. Click the tab of a protected object, and then click the Blacklist or Whitelist tab.
  6. In the row containing the desired rule, click Edit in the Operation column.

    Modify the parameters. For details about the parameters, see Blacklist and whitelist.
    Table 1 Blacklist and whitelist parameters

    Parameter

    Description

    Direction

    You can select Source or Destination.

    • Source: The IP address or IP address group that sends data packets.
    • Destination: The destination IP address or IP address group that receives data packets.

    Protocol Type

    Its value can be TCP, UDP, ICMP, or Any.

    Port

    If Protocol Type is set to TCP or UDP, set the ports to be allowed or blocked.

    NOTE:
    • To specify all the ports of an IP address, set Port to 1-65535.
    • You can specify a single port. For example, to allow or block the access from port 22 of an IP address, set Port to 22.
    • To set a port range, use a hyphen (-) between the starting and ending ports. For example, to allow or block the access from ports 80-443 of an IP address, set Port to 80-443.

    Description

    Description of the blacklist or whitelist

    IP Addresses
    • User-defined IP address: Enter one or more IP addresses in the text box and click Parse to add the IP addresses to the list.
    • Pre-defined address group: Click Add Pre-defined IP Address Group. In the dialog box that is displayed, select an address group. For more information, see Viewing a Predefined Address Group.
      CAUTION:

      After WAF_Back-to-Source_IP_Addresses is added to the blacklist or whitelist, if a back-to-source IP address changes, you need to manually update it in the blacklist or whitelist.

  7. Click OK.

Removing a Blacklisted or Whitelisted Item

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. In the navigation pane on the left, click and choose Security & Compliance > Cloud Firewall. The Dashboard page will be displayed.
  4. (Optional) Switch firewall instance: Select a firewall from the drop-down list in the upper left corner of the page.
  5. In the navigation pane, choose Access Control > Access Policies. Click the tab of a protected object, and then click the Blacklist or Whitelist tab.
  6. In the row of an IP address, click Delete in the Operation column.
  7. In the Remove from Blacklist or Remove from Whitelist dialog box, click OK.

    Removed items cannot be restored. Exercise caution when performing this operation.

Parent Topic: Managing Access Control Policies