ZyXEL Communications ZyWALL 1000 User Manual

Chapter 29 IDP

ZyWALL USG 1000 User’s Guide

Select Anti-X > IDP > Custom Signatures. The first screen shows a summary of all custom 
signatures created. Click the SID or Name heading to sort. Click the Add icon to create a new 
signature or click the Edit icon to edit an existing signature. You can delete signatures here or 
save them to your computer.

"

The ZyWALL checks all signatures and continues searching even after a 
match is found. If two or more rules have conflicting actions for the same 
packet, then the ZyWALL applies the more restrictive action (reject-both, 
reject-receiver or reject-sender, drop, none in this order). If a packet 
matches a rule for reject-receiver and it also matches a rule for reject-
sender, then the ZyWALL will reject-both.

Figure 330   Anti-X > IDP > Custom Signatures

Options

IP options is a variable-length list of IP options for a datagram that 

define IP Security Option, IP Stream Identifier, (security and 

handling restrictions for the military), Record Route (have each 

router record its IP address), Loose Source Routing (specifies a 

list of IP addresses that must be traversed by the datagram), Strict 

Source Routing (specifies a list of IP addresses that must ONLY 

be traversed by the datagram), Timestamp (have each router 

record its IP address and time), End of IP List and No IP Options. 

Padding

Padding is used as a filler to ensure that the IP packet is a multiple 

of 32 bits.

Table 135   IP v4 Packet Headers  (continued)