•
•
•
•
Step Description Command Keys
29 Set the number of offset bytes from the
beginning of the contents of the packet
to check (optional).
Only applicable in conjunction with the
payload content command.
esr(config-ips-category-rule)#
payload offset <OFFSET>
<OFFSET> – the number of
offset bytes from the beginning
of the packet contents, takes a
value in the range [1 .. 65535].
By default, it is checked from
the beginning of the content.
30 Set the size of the contents of packets
for which the rule will trigger (optional).
esr(config-ips-category-rule)#
payload data-size <SIZE>
<SIZE> – packet content size,
takes values in the range of [0..
65535].
esr(config-ips-category-rule)#
payload data-size
comparison-operator { greater-
than | less-than }
Comparison operator for
payload data-size value:
greater-than – greater
than..
less-than – less than.
31 Specify the threshold number of
packets at which the rule will trigger
(optional).
esr(config-ips-category-rule)#
threshold count <COUNT>
<COUNT> – number of packets,
takes values in the range of [1..
65535].
32 Specify the time interval for which the
threshold number of packets is
considered
(Mandatory if threshold count is
enabled).
esr(config-ips-category-rule)#
threshold second <SECOND>
<SECOND> – time interval in
seconds, takes values in the
range of [1.. 65535].
33 Specify at the sender or recipient
address thresholds will be considered.
(Mandatory if threshold count is
enabled).
esr(config-ips-category-rule)#
threshold track
{ by-src | by-dst }
by-src – read threshold
value for packets with
the same IP sender.
by-dst – read threshold
value for packets with
the same IP recipient.
To Next Page
Loading...
Need help?
General
