It is possible to configure Adaptive Response rules to exclude both internal or external hosts and subnets from the data transfer limits. This configuration option is available using the following CLI commands:
adaptive limit <limit-name> except network-object {internal|external} <network object>
The following examples illustrate how to exclude IP addresses or subnets from the Adaptive Response quota. The first example excludes an internal IP address that exists on the LAN-side of the Exinda appliance. The second example excludes an entire subnet that exists on the WAN-side of the Exinda appliance.
|
E X A M P L E Create an Adaptive Response rule which adds IP addresses from the static Students Network Object to the Dynamic Network Object Students-Over-Quota once 200 MB has been downloaded per day, except for the IP address 192.168.0.50. network-object IgnoreUser subnet 192.168.0.50 /32 network-object IgnoreUser location internal adaptive limit Students-AR network-object source Students destination Students-Over-Quota adaptive limit Students-AR amount 200 adaptive limit Students-AR duration daily adaptive limit Students-AR direction inbound adaptive limit Students-AR enable adaptive limit Students-AR except network-object internal IgnoreUser |
|
E X A M P L E Create an Adaptive Response rule which adds IP addresses from the static Students Network Object to the Dynamic Network Object Students-Over-Quota once 200 MB has been downloaded per day except for the DMZ subnet 203.122.212.128 /27. network-object IgnoreDMZ subnet 203.122.212.128 /27 network-object IgnoreDMZ location external adaptive limit Students-AR network-object source Students destination Students-Over-Quota adaptive limit Students-AR amount 200 adaptive limit Students-AR duration daily adaptive limit Students-AR direction inbound adaptive limit Students-AR enable adaptive limit Students-AR except network-object external IgnoreDMZ |
|
|
|