blacklist retry-times
Function
The blacklist retry-times command configures the maximum number of times a destination address can be added to the cache blacklist and the detection period.
The undo blacklist retry-times command restores the default configuration.
By default, the maximum number of configuration times is 10, and the detection period is 3 minutes.
This command is supported only on the NetEngine 8000 F1A.
Usage Guidelines
Usage Scenario
In web authentication scenarios, before user authentication succeeds, the device redirects HTTP/HTTPS requests from clients to the web server.If the js enable command is run to enable the function to insert JavaScript (JS) script during web redirection on the device, the reply packets sent in response to client requests carry the JS script.If the client fails to parse the JS script, the device adds the destination address in the client request packet to the cache blacklist for HTTPS redirection. Within a specified detection period, if the number of times the destination address is added to the cache blacklist reaches the threshold, this destination address will be added to the HTTPS redirection blacklist.
Precautions
- If the js enable command is not run to enable the function to insert the JS script during web redirection, the blacklist retry-times command cannot be run.
- In VS mode, this command is supported only by the admin VS.
Example
<HUAWEI> system-view [~HUAWEI] aaa [~HUAWEI-aaa] domain abc [*HUAWEI-aaa-domain-abc] commit [~HUAWEI-aaa-domain-abc] web-server mode post [*HUAWEI-aaa-domain-abc] quit [*HUAWEI-aaa] quit [*HUAWEI] access https-redirect [*HUAWEI-access-https-redirect] js enable [*HUAWEI-access-https-redirect] blacklist retry-times 50 interval 30