Unblocking currently-blocked hosts
If a host becomes blocked by triggering connection-rate filtering on a port configured to block high connection rates, the host remains blocked on all ports on the switch even if you change the per-port filtering configuration. To help prevent a malicious host from automatically regaining access to the network, the source IP address block imposed by connection-rate filtering does not age out.
When a host becomes blocked, the switch generates an event log message and sends the message to any configured SNMP trap receivers. An example of an event log message is:
Src IP xxx.xxx.xxx.xxx blocked
Before unblocking a host that was blocked by connection-rate filtering, Hewlett Packard Enterprise recommends inspecting the host with current antivirus tools and removing all potentially malicious agents.
If a trusted host frequently triggers connection-rate blocking with legitimate, high connection-rate traffic, consider either changing the sensitivity level on the associated port or configuring a connection-rate ACL to create a filtering exception for the host.
Syntax
connection-rate-filter unblock < all | host | ip-addr >
all
Unblocks all hosts currently blocked due to action by connection-rate filtering on ports where block mode has been configured.
host < ip-addr >
Unblocks the single host currently blocked due to action by connection-rate filtering on ports where block mode has been configured.
ip-addr < mask >
Unblocks traffic from any host in the specified subnet currently blocked due to action by connection-rate filtering on ports where block mode has been configured.
There is also an option to unblock any host belonging to a specific VLAN using the vlan <vid> connection-rate-filter unblock command.
For a complete list of options for unblocking hosts, see Unblocking a currently blocked host.
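The following is an added example, not part of the original documentation or any HPE tooling: it scans collected log text for the "Src IP ... blocked" message shown above, counts block events per host, and renders the `connection-rate-filter unblock host` command only for hosts seen once. The log line prefixes, the function names and the reading of a repeated block event as "unblocked and then blocked again" are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Matches only the message text shown on this page; whatever precedes it
# (timestamp, switch name) is ignored because its layout is not given here.
BLOCKED_RE = re.compile(r"Src IP (\S+) blocked")

# Constructed sample lines. The prefixes and hostnames are assumptions.
SAMPLE_LOG = """\
2024-05-01T10:00:01 sw-core-1 Src IP 10.1.20.15 blocked
2024-05-01T10:00:09 sw-core-1 port 12 link up
2024-05-02T08:14:40 sw-core-1 Src IP 10.1.20.15 blocked
2024-05-02T09:30:02 sw-core-1 Src IP 10.1.30.7 blocked
2024-05-03T11:02:55 sw-core-1 Src IP 999.1.1.1 blocked
2024-05-03T12:45:10 sw-core-1 Src IP 10.1.20.15 blocked
"""

def blocked_hosts(log_text):
    """Count block events per valid source IPv4 address."""
    counts = Counter()
    for line in log_text.splitlines():
        match = BLOCKED_RE.search(line)
        if not match:
            continue
        try:
            counts[ipaddress.IPv4Address(match.group(1))] += 1
        except ipaddress.AddressValueError:
            continue  # malformed address: never feed it to the switch
    return counts

def triage(counts, repeat_threshold=2):
    """Blocks do not age out, so a repeat suggests the host was unblocked and
    triggered the filter again: review sensitivity or an ACL exception."""
    repeat = sorted(ip for ip, n in counts.items() if n >= repeat_threshold)
    single = sorted(ip for ip, n in counts.items() if n < repeat_threshold)
    return repeat, single

def unblock_commands(inspected_hosts):
    """Render the page's 'unblock host' form for hosts already inspected."""
    return [f"connection-rate-filter unblock host {ip}" for ip in inspected_hosts]

if __name__ == "__main__":
    repeat, single = triage(blocked_hosts(SAMPLE_LOG))
    print("re-blocked, review before unblocking:", [str(ip) for ip in repeat])
    print("\n".join(unblock_commands(single)))
```

The generated commands are meant for hosts that have already been inspected as recommended above; hosts in the repeat list are held back for a sensitivity or ACL review instead.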