< Home

dynamic-blacklist aging-time

Function

The dynamic-blacklist aging-time command sets an aging time for a dynamic blacklist.

The undo dynamic-blacklist aging-time command restores the aging time of a dynamic blacklist to the default value.

By default, the aging time of a dynamic blacklist is 300 seconds.

Format

dynamic-blacklist aging-time time

undo dynamic-blacklist aging-time

Parameters

Parameter

Description

Value

time

Specifies the aging time at the expiry of which a specified MAC address is removed from the dynamic blacklist.

The value is an integer that ranges from 180 to 3600, in seconds.

Views

AP system profile view

Default Level

2: Configuration level

Usage Guidelines

When detecting attacks from a STA, an AP reports the STA to the AC, forbids the STA to go online, and rejects any packets sent from the STA. As long as the STA is blacklisted, it cannot go online again even if it no longer launches attacks. To avoid that, you can run the dynamic-blacklist aging-time command to configure an aging time for the dynamic blacklist. If the configured aging time expires and the AP detects no attack from the STA, the STA is once again allowed to go online.

Example

# Set the aging time of the dynamic blacklist to 200 seconds.

<HUAWEI> system-view
[HUAWEI] wlan
[HUAWEI-wlan-view] ap-system-profile name huawei
[HUAWEI-wlan-ap-system-prof-huawei] dynamic-blacklist aging-time 200
Parent Topic: WLAN Security Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >