The whitelist command configures antivirus whitelist rules.
The undo whitelist command deletes antivirus whitelist rules.
whitelist { host host-text | url url-text | source-address { ip-address | range start-ip-address end-ip-address } | destination-address { ip-address | range start-ip-address end-ip-address } }
undo whitelist { host { host-text | all } | url { url-text | all } | source-address { ip-address | range start-ip-address end-ip-address | all } | destination-address { ip-address | range start-ip-address end-ip-address | all } | all }
| Parameter | Description | Value |
|---|---|---|
| host-text | Specifies the domain name. |
The value is a character string and the length is 4 to 80 characters, without special character slash (/), back slash (\), number sign (#), double quotation mark ("), question mark (?), or space. * indicates wildcard, which appears at the beginning or end of a domain name. * appearing in the middle of a character string functions as a common character, not wildcard. For example, in domain names **abc and *a*bc, the first * is wildcard, and the second * is a common character. If a domain name does not contain any wildcard, the domain name must contain at least four consecutive characters, such as abcd. If the domain name contains wildcard, it must contain at least three consecutive characters except the wildcard, such as *abc, *abc*, **ab, and *a*b. |
| url-text | Specifies the URL. |
The value is a character string. If the URL does not contain any space or question mark (?), the length is 4 to 80 characters. If the URL contains spaces or question marks (?) (not at the end), the URL must be enclosed by double quotation marks ("") and the length is 6 to 82 characters. Pre-processing removes http:// from the entered character string. If the URL contains double quotation marks (""), you need to replace them with escape characters "%22". For example, if the URL is www.example.com/abc/def?"gh, you need to enter www.example.com/abc/def?%22gh. * indicates wildcard, which appears at the beginning or end of a URL. * appearing in the middle of a character string functions as a common character, not wildcard. For example, in URLs **abc and *a*bc, the first * is wildcard, and the second * is a common character. If a URL does not contain any wildcard, the URL must contain at least four consecutive characters, such as abcd. If the URL contains wildcard, it must contain at least three consecutive characters except the wildcard, such as *abc, *abc*, **ab, and *a*b. |
| ip-address | Specifies the IP address. |
It is in dotted decimal notation. |
| start-ip-address end-ip-address | Specifies the start and end IP addresses of the IP address range. |
It is in dotted decimal notation. |
| all | Indicates all whitelist rules. |
- |
After you configure a whitelist rule, you need to run the engine configuration commit command to commit the whitelist rule.
A whitelist comprises whitelist rules. You can configure whitelist rules for trusted domain names, URLs, IP addresses, and IP address ranges to improve antivirus detection ratio. A whitelist rule applies only to the corresponding antivirus profile because each antivirus profile has its own whitelist.
For domain names and URLs, the whitelist rules have the following matching modes:
Prefix match: When host-text or url-text is set to the example* format, the whitelist rule is matched as long as the prefix of the domain or URL is example.
Suffix match: When host-text or url-text is set to the *example format, the whitelist rule is matched as long as the suffix of the domain or URL is example.
Keyword match: When host-text or url-text is set to the *example* format, the whitelist rule is matched as long as the domain or URL contains example.
Exact match: The domain name or URL must be the same as host-text or url-text to match the whitelist rule.