|
| Chapter 22 IDP Commands | |
|
|
|
|
Table 80 Global Profile Commands |
|
| |
COMMAND |
| DESCRIPTION |
|
show idp signature base |
| Lists the specified signature base profile’s settings. Use more to display |
|
profile |
| the settings page by page. |
|
{allnonewanlandmz} |
|
|
|
settings |
|
|
|
show idp profiles |
| Displays all IDP signature profiles. |
|
22.3.1.1 Example of Global Profile Commands
In this example we rename an IDP signature profile from “old_profile” to “new_profile”, delete the “bye_profile” and show all base profiles available.
Router# configure terminal
Router(config)# idp rename signature old_profile new_profile Router(config)# no idp signature bye_profile Router(config)# show idp signature base profile
No. Base Profile Name
==============================================================
1none
2all
3wan
4lan
5dmz Router(config)#
22.3.2IDP Zone to Zone Rules
Use the following rules to apply IDP profiles to specific directions of packet travel.
Table 81 IDP Zone to Zone Rule Commands
COMMAND | DESCRIPTION |
idp {signature anomaly } rule { append | Create an IDP signature or anomaly rule and enter the sub- |
<1..64> insert <1..64> } | command mode. |
bind profile | Binds the IDP profile to the entry’s traffic direction. |
no bind | Removes the IDP profile’s binding. |
[no] | Specifies the zone the traffic is coming from. The no |
| command removes the zone specification. |
[no] | Specifies the zone the traffic is going to. The no command |
| removes the zone specification. |
[no] activate | Turns on the IDP profile to traffic direction binding. The no |
| command turns it off. |
idp {signature anomaly } rule { delete | Remove or move an IDP profile to traffic direction entry. |
<1..64> move <1..64> to <1..64> } |
|
no idp {signature anomaly } rule | Removes an IDP profile to traffic direction entry. |
<1..64> |
|
show idp {signature anomaly } rules | Displays the IDP zone to zone rules. |
| 147 |
NXC CLI Reference Guide | |
|
|