configure

 

rename

 

renames the action set.

 

web-block

 

blocks web requests from quarantined hosts.

 

web-page

 

creates an internal web page to display web requests from a quarantined host.

 

web-redirect url

 

redirects web requests from a quarantined host to the URL that you specify.

 

whitelist [add remove]

 

adds or removes a CIDR from a quarantine whitelist. Whitelisted CIDRs are always permitted.

 

 

 

conf t address-groups

 

The configure terminal address-groupscommands configure IP address groups for the devices.

 

add-entry name < host ip subnet ip netmask mask range ip1 ip2 >

 

adds an IP subnet, IP host, or IP range to an IP address group.

 

remove name

 

deletes an IP address group.

 

remove-entry name < host ip subnet ip netmask mask range ip1 ip2 >

 

removes an IP subnet, IP host, or IP range from an IP address group.

 

update name < host ip subnet ip netmask mask range ip1 ip2 >

 

updates the settings of an existing IP address-group or creates a new IP address-group.

 

 

 

Using the conf t address-group command

update an IP

Use configure terminal address-group update to update an IP address group. In this example, the

address group

group “test” is set as the single host 1.2.3.4”

 

hostname# conf t address-group update test host 1.2.3.4

add an IP

Use configure terminal address-groupadd-entryto add an entry to an IP address group. In this

subnet to an

example, the 192.168.1.0/24 subnet is added to the “test” group:

IP address

 

group

hostname# conf t address-group add-entry test subnet 192.168.1.0

 

netmask 255.255.255.0

delete an IP

Use configure terminal address-groupremove-entryto delete an entry from an IP address group.

subnet from

In this example, the 192.168.1.0/24 subnet is deleted from the “test” group:

an IP address

 

group

hostname# conf t address-group remove-entry test subnet 192.168.1.0

 

netmask 255.255.255.0

X Family CLI Reference V 2.5.1

35