Forum Discussion

buzzkiller's avatar
buzzkiller
Icon for Altocumulus rankAltocumulus
Jul 20, 2023

View IPs from list in Network Firewall -> IP Intelligence -> Blacklist

Hello, How can I view the IPs that are added by me in a custom list in IP Intelligence? I added manually IPs to a custom list but when I search for the IP in the bar nothing is found. I tried to se...
  • CA_Valli's avatar
    Jul 25, 2023

    Hello, if you're trying to understand whether a certain IP address is being listed in one of your Custom blacklist categories, the correct command would be tmsh show security ip-intelligence info address x.y.z.k

    One important note, you should give context to the command above - if the IPI policy isn't global but it's only applied to a certain VS or to a certain RD, you should specify the VS name or RD ID in the command 

    root@(bigip)(cfg-sync Standalone)(Active)(/Common)(tmos)# show security ip-intelligence info virtual-server devcentral address 13.13.13.13
    Security::IP Intelligence Address  :  13.13.13.13
      Virtual server context           :  /Common/devcentral
      IP Intelligence Sources          :  User-defined
      Whitelisted (Source)             :  no
      Whitelisted (Destination)        :  no
      Policy Action (Source)           :  drop
      Policy Action (Destination)      :  allow
      Match Type                       :  Source
      Categories (Source) (1)          :    test_custom
      Categories (Destination) (0)
    Total records returned: 1
    root@(bigip)(cfg-sync Standalone)(Active)(/Common)(tmos)#
    

     

    I'm not sure if there's a command that can list all IP's , I've tested myself but it looks like 

    Data Input Error: Wildcard IP Addresses are not supported.
    

     

    tmctl -w120 ip_intelligence_stat   should show counters referring how many times every category was hit, per context.