Security::IPIntelligencePolicy
Introduced : BIG-IP_v11.5.0
The IPIntelligencePolicy interface enables you to manipulate an IP
Intelligence policy. The IP Intelligence policy is a functionally
enriched generalization of the IP Intelligence profile, which is
deprecated as of this release. Unlike the deprecated profile, a policy
can be applied to route domains and globally, in addition to virtual
servers. When a packet passes through the system, the global policy is
applied first, then the route domain's policy, and then the virtual
server's policy, provided the configured policies are applicable to the
packet's source IP. In addition to the predefined blacklist categories
(see the IPIntelligenceBlacklistCategory interface) and the third-party
integrated IP reputation database that comes with the system, the IP
Intelligence policy lets you configure dynamic IP whitelists and
blacklists downloaded from external web feeds (see the
IPIntelligenceFeedList interface).

The IP Intelligence policy is comprised of three logical groups of
settings:

1. List of feed lists. Together the feed lists create the union set of
   IP addresses/subnets with their blacklist/whitelist categorization.
   The policy is applied to a packet only if the packet's source IP is
   found in that set.
2. Enforcement and logging settings per blacklist category. If the
   policy applies to the packet and the blacklist category of the
   packet's source IP is explicitly configured in the policy, those
   configuration settings are applied to the packet. When the packet's
   source IP is categorized with more than one category, the most
   restrictive action and logging settings apply.
3. Default policy enforcement and logging settings. These are used when
   the packet to which the policy applies is categorized with a
   blacklist category that isn't explicitly configured in this policy,
   or that is configured with the corresponding setting set to the
   option “use policy setting”.
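The decision logic of a single policy, as described above, modelled in Python. This is an added illustration, not F5 code and not an iControl call: the action labels, the feed contents, the policy dictionary and the assumption that drop is more restrictive than accept are all constructed for the example, and logging settings are left out.

```python
import ipaddress

# Hypothetical labels for this model; not the iControl enumeration values.
ACCEPT, DROP, USE_POLICY = "accept", "drop", "use-policy-setting"
RESTRICTIVENESS = {ACCEPT: 0, DROP: 1}  # assumption: drop is stricter than accept

# Constructed feed-list entries: (subnet, "blacklist" | "whitelist", category)
FEED_LISTS = {
    "feed_a": [("203.0.113.0/24", "blacklist", "botnets"),
               ("198.51.100.7/32", "blacklist", "scanners")],
    "feed_b": [("203.0.113.10/32", "blacklist", "scanners"),
               ("203.0.113.20/32", "whitelist", None)],
}

# Constructed policy: feed lists, per-category actions, default action.
POLICY = {
    "feed_lists": ["feed_a", "feed_b"],
    "default_action": ACCEPT,
    "categories": {"botnets": DROP, "scanners": USE_POLICY},
}

def evaluate(policy, src_ip, feeds=FEED_LISTS):
    """Return (applies, action, matched_categories) for one policy."""
    ip = ipaddress.ip_address(src_ip)
    whitelisted, cats = False, set()
    for name in policy["feed_lists"]:            # group 1: union of feed lists
        for subnet, kind, category in feeds[name]:
            if ip in ipaddress.ip_network(subnet):
                if kind == "whitelist":
                    whitelisted = True
                else:
                    cats.add(category)
    if not whitelisted and not cats:
        return (False, None, [])                 # source IP not in the set
    if whitelisted:
        return (True, ACCEPT, sorted(cats))      # whitelisted IP is always accepted
    actions = []
    for cat in cats:
        # group 2: explicit category setting; group 3: fall back to the default
        configured = policy["categories"].get(cat, USE_POLICY)
        actions.append(policy["default_action"] if configured == USE_POLICY else configured)
    # several categories: the most restrictive action wins
    return (True, max(actions, key=RESTRICTIVENESS.get), sorted(cats))
```

An address that hits both a blacklist and a whitelist entry is the case the "blacklist and whitelist both hit" log settings exist for, so it is worth logging when auditing feed quality.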
Methods
Method | Description | Introduced |
add_blacklist_category | Adds a list of categories for the specified policies. | BIG-IP_v11.5.0 |
add_feed_list | Adds a list of feed lists for the specified policies. | BIG-IP_v11.5.0 |
create | Creates a set of policies. | BIG-IP_v11.5.0 |
delete_all_policies | Deletes all user defined policies. | BIG-IP_v11.5.0 |
delete_policy | Deletes the specified policies. | BIG-IP_v11.5.0 |
get_blacklist_category | Gets categories for the specified policies. You can add or remove blacklist categories for the policy. Each category specifies the action, the log message for blacklist hit only setting, and the log message for blacklist and whitelist both hit setting. | BIG-IP_v11.5.0 |
get_blacklist_category_action_type | Gets the action types for the specified blacklist categories. | BIG-IP_v11.5.0 |
get_blacklist_category_description | Gets the descriptions for the specified blacklist categories. | BIG-IP_v11.5.0 |
get_blacklist_category_log_blacklist_hit_only_setting | Gets the log blacklist hit only settings for the specified blacklist categories. | BIG-IP_v11.5.0 |
get_blacklist_category_log_blacklist_whitelist_hit_setting | Gets the log blacklist whitelist hit settings for the specified blacklist categories. | BIG-IP_v11.5.0 |
get_blacklist_category_match_direction | Gets the match directions for the specified blacklist categories. | BIG-IP_v12.0.0 |
get_default_action_type | Gets the default action types for the specified policies. | BIG-IP_v11.5.0 |
get_description | Gets the descriptions for the specified policies. | BIG-IP_v11.5.0 |
get_feed_list | Gets feed lists for the specified policies. You can add or remove feed lists for the policy. A feed list is a list of URL feeds. | BIG-IP_v11.5.0 |
get_list | Gets a list of all policies. An IP intelligence policy is comprised of three logical groups of settings: list of feed lists, enforcement and logging settings per blacklist category, and default enforcement and logging settings for blacklist categories. | BIG-IP_v11.5.0 |
get_log_blacklist_hit_state | Gets the log blacklist hit states for the specified policies. | BIG-IP_v11.5.0 |
get_log_blacklist_whitelist_both_hit_state | Gets the log blacklist whitelist both hit states for the specified policies. | BIG-IP_v11.5.0 |
get_version | Gets the version information for this interface. | BIG-IP_v11.5.0 |
remove_all_blacklist_categories | Removes all categories from the specified policies. | BIG-IP_v11.5.0 |
remove_all_feed_lists | Removes all feed lists from the specified policies. | BIG-IP_v11.5.0 |
remove_blacklist_category | Removes a list of categories from the specified policies. | BIG-IP_v11.5.0 |
remove_feed_list | Removes a list of feed lists from the specified policies. | BIG-IP_v11.5.0 |
set_blacklist_category_action_type | Sets the action types for the specified blacklist categories. Specifies what enforcement action will be applied if the packet is categorized with this blacklist category. If the packet is categorized with more than one blacklist the most restrictive action will be applied. | BIG-IP_v11.5.0 |
set_blacklist_category_description | Sets the descriptions for the specified blacklist categories. This is an arbitrary field which can be used for any purpose. | BIG-IP_v11.5.0 |
set_blacklist_category_log_blacklist_hit_only_setting | Sets the log blacklist hit only settings for the specified blacklist categories. Specifies if a log message will be generated if the packet is categorized with this blacklist and no whitelist includes this packet's IP. | BIG-IP_v11.5.0 |
set_blacklist_category_log_blacklist_whitelist_hit_setting | Sets the log blacklist whitelist hit settings for the specified blacklist categories. Specifies if a log message will be generated if the packet is categorized with this blacklist and the packet's IP is listed in a whitelist. | BIG-IP_v11.5.0 |
set_blacklist_category_match_direction | Sets the match directions for the specified blacklist categories. Specifies the match direction for this blacklist category within this policy. This can be set to source, destination, or both. | BIG-IP_v12.0.0 |
set_default_action_type | Sets the default action types for the specified policies. Specifies a default enforcement action which will be performed on the matched packet unless an implicit action is specified for one of the blacklist categories the packet's IP is categorized with. If the packet's IP is listed in a whitelist the action is always accept. | BIG-IP_v11.5.0 |
set_description | Sets the descriptions for the specified policies. This is an arbitrary field which can be used for any purpose. | BIG-IP_v11.5.0 |
set_log_blacklist_hit_state | Sets the log blacklist hit states for the specified policies. Specifies whether a log message will be generated if the packet's source IP is categorized with blacklist only (but not whitelist). | BIG-IP_v11.5.0 |
set_log_blacklist_whitelist_both_hit_state | Sets the log blacklist whitelist both hit states for the specified policies. Specifies whether a log message will be generated if the packet's source IP is categorized with both blacklist and whitelist. | BIG-IP_v11.5.0 |
Enumerations
Enumeration | Description |
IPIntelligencePolicyActionType | A list of types for dynamic whitelist/blacklist actions. |
IPIntelligencePolicyBlacklistCategoryLogType | A list of blacklist category log types for IP intelligence policy. |
IPIntelligencePolicyMatchDirection | A list of match directions for dynamic whitelist/blacklist policy categories. |
Aliases
Alias | Type | Description |
IPIntelligencePolicyActionTypeSequence | IPIntelligencePolicyActionType [] | A sequence of IP intelligence policy action types. |
IPIntelligencePolicyActionTypeSequenceSequence | IPIntelligencePolicyActionType [] [] | A sequence of sequence of IP intelligence policy action types. |
IPIntelligencePolicyActionTypeSequenceSequenceSequence | IPIntelligencePolicyActionType [] [] [] | A sequence of sequence of sequence of IP intelligence policy action types. |
IPIntelligencePolicyBlacklistCategoryLogTypeSequence | IPIntelligencePolicyBlacklistCategoryLogType [] | A sequence of IP intelligence policy blacklist category log types. |
IPIntelligencePolicyBlacklistCategoryLogTypeSequenceSequence | IPIntelligencePolicyBlacklistCategoryLogType [] [] | A sequence of sequence of IP intelligence policy blacklist category log types. |
IPIntelligencePolicyBlacklistCategoryLogTypeSequenceSequenceSequence | IPIntelligencePolicyBlacklistCategoryLogType [] [] [] | A sequence of sequence of sequence of IP intelligence policy blacklist category log types. |
IPIntelligencePolicyMatchDirectionSequence | IPIntelligencePolicyMatchDirection [] | A sequence of IP intelligence policy match directions. |
IPIntelligencePolicyMatchDirectionSequenceSequence | IPIntelligencePolicyMatchDirection [] [] | A sequence of sequence of IP intelligence policy match directions. |
See Also
iControl ::
Warning
The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.
Sample Code
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.