ZyXEL Communications Security Camera 3.1 ユーザーズマニュアル
Chapter 22 IDP Commands
ZyWALL (ZLD) CLI Reference Guide
184
22.3.2.1 Example of IDP Zone to Zone Rule Commands
The following example creates IDP zone to zone rule one. The rule applies the LAN_IDP profile to all
traffic going to the LAN zone.
traffic going to the LAN zone.
22.3.3 Editing/Creating IDP Signature Profiles
Use these commands to create a new IDP signature profile or edit an existing one. It is
recommended you use the web configurator to create/edit profiles. If you do not specify a base
profile, the default base profile is none.
recommended you use the web configurator to create/edit profiles. If you do not specify a base
profile, the default base profile is none.
Note: You CANNOT change the base profile later!
22.3.4 Editing/Creating Anomaly Profiles
Use these commands to create a new anomaly profile or edit an existing one. It is recommended
you use the web configurator to create/edit profiles. If you do not specify a base profile, the default
base profile is none.
you use the web configurator to create/edit profiles. If you do not specify a base profile, the default
base profile is none.
Router# configure terminal
Router(config)# idp signature rule 1
Router(config-idp-signature-1)# from-zone any
Router(config-idp-signature-1)# to-zone LAN
Router(config-idp-signature-1)# bind LAN_IDP
Router(config-idp-signature-1)# activate
Router(config-idp-signature-1)# exit
Router(config)#show idp signature rules
Signature rules
idp rule: 1
from zone: any
to zone: LAN
profile: LAN_IDP
activate: yes
Table 102
Editing/Creating IDP Signature Profiles
COMMAND
DESCRIPTION
idp signature newpro [base {all | lan | wan |
dmz | none}]
Creates a new IDP signature profile called newpro. newpro uses the
base profile you specify. Enters sub-command mode. All the
following commands relate to the new profile. Use
base profile you specify. Enters sub-command mode. All the
following commands relate to the new profile. Use
exit
to quit
sub-command mode.
[no] signature sid activate
Activates or deactivates an IDP signature.
signature sid log [alert]
Sets log or alert options for an IDP signature
no signature sid log
Deactivates log options for an IDP signature
signature sid action {drop | reject-
sender | reject-receiver | reject-both}
Sets an action for an IDP signature
no signature sid action
Deactivates an action for an IDP signature.
show idp profile signature sid details
Shows signature ID details of the specified profile.
show idp profile signature {all | custom-
signature} details
Shows the signature details of the specified profile.