Forum Discussion
View IPs from list in Network Firewall -> IP Intelligence -> Blacklist
- Jul 25, 2023
Hello, if you're trying to understand whether a certain IP address is being listed in one of your Custom blacklist categories, the correct command would be tmsh show security ip-intelligence info address x.y.z.k
One important note, you should give context to the command above - if the IPI policy isn't global but it's only applied to a certain VS or to a certain RD, you should specify the VS name or RD ID in the command
root@(bigip)(cfg-sync Standalone)(Active)(/Common)(tmos)# show security ip-intelligence info virtual-server devcentral address 13.13.13.13 Security::IP Intelligence Address : 13.13.13.13 Virtual server context : /Common/devcentral IP Intelligence Sources : User-defined Whitelisted (Source) : no Whitelisted (Destination) : no Policy Action (Source) : drop Policy Action (Destination) : allow Match Type : Source Categories (Source) (1) : test_custom Categories (Destination) (0) Total records returned: 1 root@(bigip)(cfg-sync Standalone)(Active)(/Common)(tmos)#
I'm not sure if there's a command that can list all IP's , I've tested myself but it looks like
Data Input Error: Wildcard IP Addresses are not supported.
tmctl -w120 ip_intelligence_stat should show counters referring how many times every category was hit, per context.
Hello, if you're trying to understand whether a certain IP address is being listed in one of your Custom blacklist categories, the correct command would be tmsh show security ip-intelligence info address x.y.z.k
One important note, you should give context to the command above - if the IPI policy isn't global but it's only applied to a certain VS or to a certain RD, you should specify the VS name or RD ID in the command
root@(bigip)(cfg-sync Standalone)(Active)(/Common)(tmos)# show security ip-intelligence info virtual-server devcentral address 13.13.13.13
Security::IP Intelligence Address : 13.13.13.13
Virtual server context : /Common/devcentral
IP Intelligence Sources : User-defined
Whitelisted (Source) : no
Whitelisted (Destination) : no
Policy Action (Source) : drop
Policy Action (Destination) : allow
Match Type : Source
Categories (Source) (1) : test_custom
Categories (Destination) (0)
Total records returned: 1
root@(bigip)(cfg-sync Standalone)(Active)(/Common)(tmos)#
I'm not sure if there's a command that can list all IP's , I've tested myself but it looks like
Data Input Error: Wildcard IP Addresses are not supported.
tmctl -w120 ip_intelligence_stat should show counters referring how many times every category was hit, per context.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com