match intrusion {detection | prevention}
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
849
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Command Reference Guide
MATCH INTRUSION {DETECTION | PREVENTION}
[<1-65535>] match [{all|any}] <match-list name> intrusion
<sensor name> {detection|prevention [reset]}
DESCRIPTION
This command is entered in the Firewall Policy Configuration Mode.
This command is used to attach an intrusion sensor to a firewall policy, and create
rules (set priority for the rule, associate match-lists and action) for a firewall policy.
This command also sets the action detection or prevention for the configured rule.
This rule number signifies the priority of a rule.
PARAMETER
EXAMPLE
ALU(config-firewall)#policy policy1
ALU(config-firewall-policy1)#1 match m1 intrusion sensor1
detection
NO DEBUG TRACE FIREWALL INTRUSION SELECTOR
no debug firewall
{session|filter|nat|attack|alg|intrusion|selector [saddr <ip-
address>|daddr <ip- address>|protocol <number>|sport
<number>|dport <number>][output|permanent]|all [detail-level]}
This command is entered in the Super User Mode or Configuration Mode. Use
this command to turn off the debugging functionality for IDS/IPS.
Parameter Description
1-65535 The range for the intrusion rule. This rule
number signifies the priority of a rule.
match [{all|any}] <match-list
name>
match all - In this type of match, the
relevant action is performed only when
all the match-list criteria is satisfied.
match any - In this type of match, the
relevant action is performed even if any
one of the match-list criterion is satisfied.
sensor name Name of the sensor.
detection Detects the intrusion.
prevention Detects and also prevents the intrusion.
reset Resets the connection on detection of
intrusion attacks.
To Next Page
Loading...
Need help?
General
