Chapter 29 IDP

Table 135

IP v4 Packet Headers (continued)

HEADER

 

DESCRIPTION

Options

 

IP options is a variable-length list of IP options for a datagram that

 

 

define IP Security Option, IP Stream Identifier, (security and

 

 

handling restrictions for the military), Record Route (have each

 

 

router record its IP address), Loose Source Routing (specifies a

 

 

list of IP addresses that must be traversed by the datagram), Strict

 

 

Source Routing (specifies a list of IP addresses that must ONLY

 

 

be traversed by the datagram), Timestamp (have each router

 

 

record its IP address and time), End of IP List and No IP Options.

 

 

 

Padding

 

Padding is used as a filler to ensure that the IP packet is a multiple

 

 

of 32 bits.

 

 

 

29.10 Configuring Custom Signatures

Select Anti-X > IDP > Custom Signatures. The first screen shows a summary of all custom signatures created. Click the SID or Name heading to sort. Click the Add icon to create a new signature or click the Edit icon to edit an existing signature. You can delete signatures here or save them to your computer.

"The ZyWALL checks all signatures and continues searching even after a match is found. If two or more rules have conflicting actions for the same packet, then the ZyWALL applies the more restrictive action (reject-both,reject-receiver or reject-sender, drop, none in this order). If a packet matches a rule for reject-receiverand it also matches a rule for reject- sender, then the ZyWALL will reject-both.

Figure 330 Anti-X > IDP > Custom Signatures

434

 

ZyWALL USG 300 User’s Guide