dabance
Jan 13, 2020

Disable selected ciphers.

Below is the result of an SSL Labs scan for one of the VIPs. We would like to disable the selected ciphers (TO DISABLE) in addition to the present filter and would like to allow the rest.

Currently I have the DEFAULT:!RC4-SHA:!DES-CBC3-SHA:!ECDHE-RSA-DES-CBC3-SHA cipher restriction under client SSL.

What additional filter can I include to achieve this?

 

TLSv1.0:

   server selection: enforce server preferences

    RSA) ECDHE_RSA_WITH_AES_128_CBC_SHA

    RSA) ECDHE_RSA_WITH_AES_256_CBC_SHA

 

   TO DISABLE (key: RSA) RSA_WITH_AES_128_CBC_SHA

   TO DISABLE (key: RSA) RSA_WITH_AES_256_CBC_SHA

   TO DISABLE (key: RSA) RSA_WITH_CAMELLIA_128_CBC_SHA

   TO DISABLE (key: RSA) RSA_WITH_CAMELLIA_256_CBC_SHA

 

    RSA) DHE_RSA_WITH_AES_128_CBC_SHA

    RSA) DHE_RSA_WITH_AES_256_CBC_SHA

    RSA) DHE_RSA_WITH_CAMELLIA_128_CBC_SHA

    RSA) DHE_RSA_WITH_CAMELLIA_256_CBC_SHA

 TLSv1.1: idem

 TLSv1.2:

   server selection: enforce server preferences

    RSA) ECDHE_RSA_WITH_AES_128_GCM_SHA256

    RSA) ECDHE_RSA_WITH_AES_128_CBC_SHA

    RSA) ECDHE_RSA_WITH_AES_128_CBC_SHA256

    RSA) ECDHE_RSA_WITH_AES_256_GCM_SHA384

    RSA) ECDHE_RSA_WITH_AES_256_CBC_SHA

    RSA) ECDHE_RSA_WITH_AES_256_CBC_SHA384

 

   TO DISABLE RSA) RSA_WITH_AES_128_GCM_SHA256

   TO DISABLE RSA) RSA_WITH_AES_128_CBC_SHA

   TO DISABLE RSA) RSA_WITH_AES_128_CBC_SHA256

   TO DISABLE RSA) RSA_WITH_AES_256_GCM_SHA384

   TO DISABLE RSA) RSA_WITH_AES_256_CBC_SHA

   TO DISABLE RSA) RSA_WITH_AES_256_CBC_SHA256

   TO DISABLE RSA) RSA_WITH_CAMELLIA_128_CBC_SHA

   TO DISABLE RSA) RSA_WITH_CAMELLIA_256_CBC_SHA

 

 

   RSA) DHE_RSA_WITH_AES_128_GCM_SHA256

   RSA) DHE_RSA_WITH_AES_128_CBC_SHA

   RSA) DHE_RSA_WITH_AES_128_CBC_SHA256

   RSA) DHE_RSA_WITH_AES_256_GCM_SHA384

   RSA) DHE_RSA_WITH_AES_256_CBC_SHA

   RSA) DHE_RSA_WITH_AES_256_CBC_SHA256

   RSA) DHE_RSA_WITH_CAMELLIA_128_CBC_SHA

   RSA) DHE_RSA_WITH_CAMELLIA_256_CBC_SHA

 

 

Current default client cipher on BIGIP
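
Added example, not part of the original post: in the listing above, every suite marked TO DISABLE has plain RSA before _WITH_ (static RSA key exchange), while every suite to keep starts with DHE_RSA or ECDHE_RSA. The Python below parses a listing in that format, confirms that observation, and reports any static-RSA suite still offered on a re-scan; both sample listings are constructed subsets of the scan output, and the function names are hypothetical.

```python
import re

# Constructed sample: a subset of the scan listing in the post.
BEFORE = """\
TLSv1.0:
   server selection: enforce server preferences
    RSA) ECDHE_RSA_WITH_AES_128_CBC_SHA
   TO DISABLE (key: RSA) RSA_WITH_AES_128_CBC_SHA
    RSA) DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
 TLSv1.1: idem
 TLSv1.2:
    RSA) ECDHE_RSA_WITH_AES_128_GCM_SHA256
   TO DISABLE RSA) RSA_WITH_AES_128_GCM_SHA256
   TO DISABLE RSA) RSA_WITH_CAMELLIA_256_CBC_SHA
   RSA) DHE_RSA_WITH_AES_256_GCM_SHA384
"""
# Constructed sample: the same listing as a re-scan should show it afterwards.
AFTER = "\n".join(l for l in BEFORE.splitlines() if "TO DISABLE" not in l)

PROTO = re.compile(r"\s*(TLSv1\.\d|SSLv\d)\s*:")
SUITE = re.compile(r"RSA\)\s+([A-Z0-9_]+_WITH_[A-Z0-9_]+)\s*$")

def key_exchange(suite):
    """Part of the suite name before _WITH_: 'RSA', 'DHE_RSA', 'ECDHE_RSA'."""
    return suite.split("_WITH_", 1)[0]

def parse(listing):
    """Yield (protocol, suite, marked_to_disable) for every suite line."""
    proto = None
    for line in listing.splitlines():
        head = PROTO.match(line)
        if head:
            proto = head.group(1)
            continue
        m = SUITE.search(line)
        if m:
            yield proto, m.group(1), "TO DISABLE" in line

def static_rsa(listing):
    """Suites still offered whose key exchange is static RSA (no DHE/ECDHE)."""
    return sorted((p, s) for p, s, _ in parse(listing) if key_exchange(s) == "RSA")

def marks_match_static_rsa(listing):
    """True when the TO DISABLE marks cover exactly the static-RSA suites."""
    marked = sorted((p, s) for p, s, m in parse(listing) if m)
    return marked == static_rsa(listing)

if __name__ == "__main__":
    print("marks == static RSA:", marks_match_static_rsa(BEFORE))
    print("left after change:", static_rsa(AFTER))
```
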

 

2 Replies

  • Which version of F5 are you running in your environment?

    What rating are you seeing currently, and what rating do you expect in SSL Labs?

     

    • dabance

      Rating is B. Not keen on making it a better rating, but need to disable the selected ciphers as requested.

      Version: 13.1.0.7 (Virtual)