Manage the Blocked Sites List (Blocked Sites)
The Firebox System Manager (FSM) Blocked Sites List tab shows the IP addresses of all the external IP addresses that are temporarily blocked by your Firebox. Many events can cause the Firebox to add an IP address to the Blocked Sites tab: a port space probe, a spoofing attack, an address space probe, or an event you configure.
The Expiration column for each IP address shows the time when the address is scheduled to be removed from the Blocked Sites tab.
You can adjust the default length of time that an IP address stays on the list in the Policy Manager Blocked Sites dialog box. For more information, go to Block Sites Temporarily with Policy Settings.
Change the Block Sites List
On the Firebox System Manager Blocked Sites tab, you can temporarily change the settings for specific IP addresses on the Blocked IP List. You can add a site to the list, change the expiration for a site on the list, or remove a site from the list.
For more detailed information on the entries in the Blocked IP List, you can enable logging and notifications for blocked sites. For more information, go to Set Logging and Notification Preferences.
To temporarily add a site to the Blocked IP List:
- Click Add.
The Add Temporary Blocked Site dialog box appears.
- Type the IP Address to block.
- Type a value in the Expire After text box and select Hours, Minutes, or Seconds from the drop-down list to set the length of time the address is blocked.
- Click OK.
The Add Blocked Site dialog box appears. - Type the Device Administrator passphrase for your device, and click OK.
The IP address appears in the Blocked IP List.
To change the time that a site is deleted from the Blocked IP List:
- Select a site in the Blocked IP List and click Change Expiration.
The Edit Temporary Blocked Site dialog box appears for the selected IP Address.
- Verify the IP Address value is correct.
- In the Expire After text box, type the new expiration value. From the drop-down list, select Hours, Minutes, or Seconds.
- Click OK.
The Update Site dialog box appears. - Type the Device Administrator passphrase for your device, and click OK.
To remove a site from the Blocked IP List:
- From the Blocked IP List, select a site and click Delete.
The Delete Site(s) dialog box appears. - Type the Device Administrator passphrase for your device, and click OK.
The IP address is removed from the Blocked IP List.
You must connect to the Firebox with the configuration passphrase to remove a site from the list.
Copy Information From the Blocked Sites List
You can select one or more sites on the Blocked Sites list to copy and paste into a file, or you can export the entire list of blocked sites to a file.
To copy one or more individual blocked sites on the Blocked Sites tab:
- Select a blocked site.
To select more than one item in the list, hold down Ctrl or Shift on your keyboard.
To select all sites in the list, press Ctrl+A on your keyboard, or right-click anywhere on the tab and select Select All. - To copy the selected sites, right-click and select Copy.
Or, press Ctrl +C on your keyboard. - Paste the copied sites into a file.
To export the all of the sites in the Blocked Sites list to a text file:
- On the Blocked Sites tab, right-click and select Export.
The Save dialog box appears. - Type a name for the file and select a location to save the file.
- Click OK.
Firebox System Manager exports the entire contents of the Blocked Sites list to the file you specify.