•
•
•
•
13.6.5 Basic user rules configuration algorithm
Step Description Command Keys
1 Specify a name and enter the
configuration mode of the set of user
rules.
esr(config)# security ips-category
user-defined <WORD>
<WORD> – user rule set name,
set by the string of up to 32
characters.
2 Define a description of a set of user
rules (optionally).
esr(config-ips-category)#
description <DESCRIPTION>
<DESCRIPTION> – description,
set by the string of up to 255
characters.
3 Create a rule and switch to its
configuration mode.
esr(config-ips-category)# rule
<ORDER>
<ORDER> – rule number, takes
values of [1..512].
4 Specify rule description (optional). esr(config-ips-category-rule)#
description <DESCRIPTION>
<DESCRIPTION> – description,
set by the string of up to 255
characters.
5 Specify the given rule force. esr(config-ips-category-rule)#
action { alert | reject | pass | drop }
alert – traffic is allowed
and the IPS/IDS service
generates a message;
reject – traffic is
prohibited. If it is TCP
traffic, a TCP-RESET
packet is sent to the
sender and recepient, for
the rest of the traffic
type, an ICMP-ERROR
packet is sent. IPS/IDS
service generates a
message;
pass – traffic transfer is
permitted;
drop – traffic is
prohibited and the IPS/
IDS service generates a
message.
6 Set name of IP protocol for which the
rule should work.
esr(config-ips-category-rule)#
protocol <PROTOCOL>
<PROTOCOL> – take values:
any/ip/icmp/http/tcp/udp
When specifying the 'any' value,
the rule will work for any
protocols