ZyXEL Communications 3.1 User Manual

Chapter 22 IDP Commands
ZyWALL (ZLD) CLI Reference Guide
22.3.4.1  Creating an Anomaly Profile Example
In this example we create a profile named “test”, configure some settings, display them, and then 
return to global command mode.
Router# configure terminal
Router(config)# idp anomaly test
Router(config-idp-anomaly-profile-test)# tcp-decoder oversize-offset action drop
Router(config-idp-anomaly-profile-test)# tcp-decoder oversize-offset log alert
Router(config-idp-anomaly-profile-test)# tcp-decoder oversize-offset activate
Router(config-idp-anomaly-profile-test)# no tcp-decoder oversize-offset activate
Router(config-idp-anomaly-profile-test)# exit
Router(config)# show idp anomaly test tcp-decoder oversize-offset details
message: (tcp_decoder) OVERSIZE-OFFSET ATTACK
  keyword: tcp-decoder oversize-offset
  activate: no
  action: drop
  log: log alert
Router(config)#

22.3.5  Editing System Protect
Use these commands to edit the system protect profiles.

Table 104   Editing System Protect Profiles

| COMMAND | DESCRIPTION |
| --- | --- |
| idp system-protect | Configure the system protect profile. Enters sub-command mode. All the following commands relate to the new profile. Use exit to quit sub-command mode. |
| [no] signature sid activate | Activates or deactivates an IDP signature. |
| signature sid log [alert] | Sets log or alert options for an IDP signature. |
| no signature sid log | Deactivates log options for an IDP signature. |
| signature sid action {drop \| reject-sender \| reject-receiver \| reject-both} | Sets an action for an IDP signature. |
| no signature sid action | Deactivates an action for an IDP signature. |
| show idp system-protect all details | Displays the system protect profile details. |

22.3.6  Signature Search
Use this command to search for signatures in the named profile.
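Returning to the anomaly profile example in 22.3.4.1: the rule there ends up with an action of drop but with activate set to no, so it is not enforced. The following script is an added example, not part of the ZyXEL guide, that parses saved "details" output and lists rules left in that state. It assumes that output for several rules repeats the block layout shown in 22.3.4.1; the second rule in the sample and its "activate: yes" value are constructed.

```python
import re

# Constructed sample. The first block is the output shown in 22.3.4.1;
# the second block is a made-up rule in the same layout (assumption).
SAMPLE = """\
Router(config)# show idp anomaly test tcp-decoder oversize-offset details
message: (tcp_decoder) OVERSIZE-OFFSET ATTACK
  keyword: tcp-decoder oversize-offset
  activate: no
  action: drop
  log: log alert
message: (tcp_decoder) EXAMPLE RULE
  keyword: tcp-decoder example-rule
  activate: yes
  action: drop
  log: log
Router(config)#
"""

# Only the five field names that appear in the page's output are recognised.
FIELD = re.compile(r"^\s*(message|keyword|activate|action|log):\s*(.*?)\s*$")


def parse_rules(text):
    """Split 'details' output into one dict per rule; 'message:' starts a rule."""
    rules = []
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue  # prompts, echoed commands, blank lines
        key, value = m.groups()
        if key == "message":
            rules.append({})
        elif not rules:
            continue  # stray field before the first 'message:' line
        rules[-1][key] = value
    return rules


def inactive_rules(rules):
    """Return (keyword, action) for rules that have an action but 'activate: no'."""
    return [(r.get("keyword", r["message"]), r["action"])
            for r in rules
            if r.get("activate") == "no" and r.get("action")]


if __name__ == "__main__":
    for keyword, action in inactive_rules(parse_rules(SAMPLE)):
        print(f"not enforced: {keyword} (action {action} configured)")
```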