MATCH INTRUSION
[<1-65535>] match [all|any] <match-list name> intrusion <sensor
name> {detection|prevention [reset]}
D
ESCRIPTION
Enter this command in the Firewall Policy Configuration mode.
This command is used to attach an intrusion sensor to a firewall policy, and create
rules (associate match-list and set priority for the rule) for a firewall policy. This
command also sets the action detection or prevention for the configured rule.
This rule number signifies the priority of a rule.
P
ARAMETER
1-65535
match-list name
sensor name
detection
prevention
reset
E
XAMPLE
ALU(config-firewall)#policy policy1
ALU(config-firewall-policy1)#1 match m1 intrusion sensor1
detection
NO DEBUG TRACE FIREWALL INTRUSION SELECTOR
no debug firewall
{session|filter|nat|attack|alg|intrusion|selector [saddr <ip-
address>|daddr <ip- address>|protocol <number>|sport
<number>|dport <number>][output|permanent]|all [detail-level]}
Use this command to turn off the debugging functionality for IDS.
OmniAccess 700 CLI Command Reference Guide
Beta
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
{
|
DETECTION
PREVENTION
Parameter
Alcatel-Lucent
match intrusion {detection | prevention}
}
Description
The range for the intrusion rule. This rule
number signifies the priority of a rule.
This command forms a match-list of the
Common Classifiers that are pre-
configured. In this type of match, the
relevant action is performed even if one
rule in the list is satisfied.
Name of the sensor.
Detects the intrusion.
Detects and also prevents the intrusion.
Resets the connection on detection of
intrusion attacks.
Beta
713