A blackhole task for a specified IP address is manually created on the ATIC to block the traffic destined to the IP address.
Procedure
- Configure a RESTful server.
- Configure the notification mode of second-level blackhole event.
- Enable the RESTful API.
- Manually create a blackhole policy.
- Choose Defense > Policy Settings > Blackhole.
- Click
. - In the Create Blackhole Policy dialog box, set Blackhole mode to LPU blackhole, select Enable automatically, and set Clean device, Destination IP address, and Mask. Click OK.
- Enable static blackhole report through the RESTful API.
- After the ATIC is installed, open the attackIpConfig.xml file in the ATIC installation directory.
In the Windows operating system, the file path is software-installation-path\Runtime\vsm_conf\antiddos\attackIpConfig.xml.
In the Linux operating system, the file path is software-installation-path/components/atic/vsm_conf/antiddos/attackIpConfig.xml.
- Find the notifyStaticBlackhole parameter. Change 1 to 2 and enable static blackhole report.
- Save and close the attackIpConfig.xml file.
The manually created static blackhole policy can only be manually decapsulated. For the method of manually decapsulating a blackhole policy, see Manually decapsulating a blackhole policy.
After version upgrade, the configuration file will be restored to defaults and needs to be reconfigured. Otherwise, this function is unavailable. After the configuration file is modified, restart the ATIC for the modification to take effect.
- After the ATIC is installed, open the attackIpConfig.xml file in the ATIC installation directory.