ESR series service routers. ESR-Series. User manual
Step 5. Specify the action of this rule.
  Command: esr(config-ips-category-rule)# action { alert | reject | pass | drop }
  Keys:
    alert – traffic is allowed and the IPS/IDS service generates a message;
    reject – traffic is prohibited. For TCP traffic, a TCP-RESET packet is sent to the sender and recipient; for all other traffic types, an ICMP-ERROR packet is sent. The IPS/IDS service generates a message;
    pass – traffic transfer is permitted;
    drop – traffic is prohibited and the IPS/IDS service generates a message.

Step 6. Set the name of the IP protocol to which the rule applies.
  Command: esr(config-ips-category-rule)# protocol <PROTOCOL>
  Keys:
    <PROTOCOL> – takes the values any/ip/icmp/http/tcp/udp.
    When the 'any' value is specified, the rule applies to any protocol.

Step 7. Set the sender IP addresses to which the rule applies.
  Command: esr(config-ips-category-rule)# source-address { ip <ADDR> | ip-prefix <ADDR/LEN> | object-group <OBJ_GR_NAME> | policy-object-group { protect | external } | any }
  Keys:
    <ADDR> – sender IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255];
    <ADDR/LEN> – sender IP subnet, defined as AAA.BBB.CCC.DDD/EE where each part AAA-DDD takes values of [0..255] and LEN takes values of [1..32];
    <OBJ_GR_NAME> – name of the IP addresses profile that contains the sender IP addresses, set by a string of up to 31 characters;
    protect – sets the protect addresses defined in the IPS/IDS policy as sender addresses;
    external – sets the external addresses defined in the IPS/IDS policy as sender addresses.
    When the 'any' value is specified, the rule is triggered for any source IP address.
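
An added example, not taken from the manual: a small Python linter that checks the action, protocol and source-address lines of a rule against the values and ranges listed in steps 5-7, so that a typo is caught before the configuration is pushed to a device. The function names and the sample rules are assumptions made for the illustration.

```python
import ipaddress
import re

# Accepted values as listed in the table above (steps 5-7).
ACTIONS = {"alert", "reject", "pass", "drop"}
PROTOCOLS = {"any", "ip", "icmp", "http", "tcp", "udp"}
POLICY_GROUPS = {"protect", "external"}

def _is_ipv4(text):
    try:
        ipaddress.IPv4Address(text)
        return True
    except ValueError:
        return False

def check_source(args):
    """Return an error string for source-address arguments, or None if valid."""
    if args == ["any"]:
        return None
    if len(args) != 2:
        return "source-address: expected '<form> <value>' or 'any'"
    form, value = args
    if form == "ip":
        ok = _is_ipv4(value)
    elif form == "ip-prefix":
        addr, _, length = value.partition("/")
        # The manual gives LEN as [1..32], so /0 is rejected here.
        ok = (_is_ipv4(addr) and re.fullmatch(r"[0-9]{1,2}", length) is not None
              and 1 <= int(length) <= 32)
    elif form == "object-group":
        ok = 1 <= len(value) <= 31          # name of up to 31 characters
    elif form == "policy-object-group":
        ok = value in POLICY_GROUPS
    else:
        return f"source-address: unknown form {form!r}"
    return None if ok else f"source-address: invalid {form} value {value!r}"

def lint_rule(commands):
    """Check action/protocol/source-address lines; other commands are ignored."""
    errors = []
    for line in commands:
        word, *args = line.split() or [""]
        if word == "action" and (len(args) != 1 or args[0] not in ACTIONS):
            errors.append(f"action: invalid value {' '.join(args)!r}")
        elif word == "protocol" and (len(args) != 1 or args[0] not in PROTOCOLS):
            errors.append(f"protocol: invalid value {' '.join(args)!r}")
        elif word == "source-address" and (err := check_source(args)):
            errors.append(err)
    return errors

# Constructed sample rules (not from the manual).
GOOD = ["action drop", "protocol tcp", "source-address policy-object-group external"]
BAD = ["action block", "protocol tcp", "source-address ip-prefix 10.0.0.0/33",
       "source-address ip 192.0.2.300"]
```

Calling lint_rule(GOOD) returns an empty list, while lint_rule(BAD) reports the unknown action, the out-of-range prefix length and the out-of-range octet.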