Yes. First, ensure that the ‘managemanual’ setting in the [banip] stanza of your secast.conf file is set to true.
Next, from the telnet interface to SecAst manually add the IP address to the ban list. For example:
SecAst>banip add 1.2.3.4
Issued request to add IP 1.2.3.4. Check event log for errors, or use ‘banip list’ to confirm add
SecAst>
After that SecAst will leave the address in your blocked IP list, and never expire the ban.