Whitelist
Contents |
[edit] Adding Hosts
To add hosts to the ASL whitelist, simply:
1) Log into the ASL gui
2) click on the ASL tab
3) click on "blocking"
4) select the "whitelist" tab
5) At the bottom of the blocking window you will see the field "IP:", enter the IP into that field
6) Optionally enter a reason for this entry in the "reason" field
7) Click the "Whitelist IP" button
[edit] Removing Hosts
To remove hosts from the ASL whitelist, simply:
1) Log into the ASL gui
2) click on the ASL tab
3) click on "blocking"
4) select the "whitelist" tab
5) Scroll down to the IP you wish to remove
6) Click on the "-" button to the right of the IP you wish to remove from the whitelist.
[edit] Applying the whitelist to the firewall
By default hosts on the whitelist will not be shunned by the active response system. However they will not universally trusted by the firewall and will still be restricted based on your firewall policy. To allow a whitelisted host access to any port on the system, enable this option in ASL:
https://www.atomicorp.com/wiki/index.php?title=ASL_firewall#FW_WHITELIST
[edit] Applying the whitelist to the WAF
By default hosts on the whitelist will not be shunned by the active response system. However they will not universally trusted and attacks from these IPs will still be blocked by the WAF. To trust all whitelisted hosts with the WAF enable this option in ASL:
https://www.atomicorp.com/wiki/index.php?title=ASL_WAF#MODSEC_00_WHITELIST