Cisco Systems ASA5515K9 Network Router User Manual


Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 55 Configuring the Botnet Traffic Filter
hostname/context1(config-llist)# address 10.1.1.1 255.255.255.0
hostname/context1(config-llist)# dynamic-filter whitelist
hostname/context1(config-llist)# name good.example.com
hostname/context1(config-llist)# name great.example.com
hostname/context1(config-llist)# name awesome.example.com
hostname/context1(config-llist)# address 10.1.1.2 255.255.255.255
hostname/context1(config-llist)# access-list dynamic-filter_acl extended permit tcp any any eq 80
hostname/context1(config)# dynamic-filter enable interface outside classify-list dynamic-filter_acl
hostname/context1(config)# dynamic-filter drop blacklist interface outside
hostname/context1(config)# dynamic-filter ambiguous-is-black
hostname/context1(config)# changeto context context2
hostname/context2(config)# dynamic-filter use-database
hostname/context2(config)# class-map dynamic-filter_snoop_class
hostname/context2(config-cmap)# match port udp eq domain
hostname/context2(config-cmap)# policy-map dynamic-filter_snoop_policy
hostname/context2(config-pmap)# class dynamic-filter_snoop_class
hostname/context2(config-pmap-c)# inspect dns preset_dns_map dynamic-filter-snoop
hostname/context2(config-pmap-c)# service-policy dynamic-filter_snoop_policy interface outside
hostname/context2(config-pmap-c)# dynamic-filter blacklist
hostname/context2(config-llist)# name bad1.example.com
hostname/context2(config-llist)# name bad2.example.com
hostname/context2(config-llist)# address 10.1.1.1 255.255.255.0
hostname/context2(config-llist)# dynamic-filter whitelist
hostname/context2(config-llist)# name good.example.com
hostname/context2(config-llist)# name great.example.com
hostname/context2(config-llist)# name awesome.example.com
hostname/context2(config-llist)# address 10.1.1.2 255.255.255.255
hostname/context2(config-llist)# access-list dynamic-filter_acl extended permit tcp any any eq 80
hostname/context2(config)# dynamic-filter enable interface outside classify-list dynamic-filter_acl
hostname/context2(config)# dynamic-filter drop blacklist interface outside
hostname/context2(config)# dynamic-filter ambiguous-is-black
Where to Go Next
To configure the syslog server, see Chapter 77, “Configuring Logging.”
To configure an access list to block traffic, see Chapter 15, “Adding an Extended Access List,” and also see Chapter 34, “Configuring Access Rules,” for information about applying the access list to the interface.
To shun connections, see the “Blocking Unwanted Connections” section on page 57-2.