Signature - H3C MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for MSR Series:
- Command reference manual (174 pages) ,
- Configuration manual (80 pages) ,
- Manual (33 pages)
Table of Contents
Advertisement
<Sysname> system-view
[Sysname] nbar application abcd protocol http
[Sysname-nbar-application-abcd] service-port range 2001 2004
Related commands
direction
signature
Use signature to configure a signature for a user-defined NBAR rule.
Use undo signature to cancel the signature configuration.
Syntax
signature [ signature-id ] [ field field-name ] [ offset offset-value ] { hex hex-vector | regex
regex-pattern | string string }
undo signature signature-id
Default
No signatures exist for a user-defined NBAR rule.
Views
NBAR rule view
Predefined user roles
network-admin
Parameters
signature-id: Specifies the signature ID in the range of 1 to 65535. If you do not specify this argument
when creating a signature, the system automatically assigns the signature a signature ID and
records the signature ID. The increment of automatically assigned signature IDs is 5. A new
signature ID is the nearest unassigned multiple of the increment to the latest automatically assigned
signature ID. For example, if the system automatically assigns ID 5 to a signature, the next signature
ID to be assigned automatically will be 10. If signature ID 10 has been assigned manually to a
signature, the next signature ID to be assigned automatically will be 15.
field field-name: Specifies a protocol field by its name. The specified protocol field must be
predefined. This option is available for configuration only if the NBAR rule is applied to HTTP
packets. If you do not specify this option, the configured signature takes effect on all fields in HTTP
packets.
offset offset-value: Specifies the offset from the beginning of the data field, in bytes. The value range
for the offset-value argument is 0 to 65535. A packet matches the signature after the offset. If you do
not specify this option, a packet matches the signature from the beginning. If you also specify the
field field-name option, the offset begins from the protocol field.
hex hex-vector: Specifies a hexadecimal vector as the match pattern. The hex-vector argument is a
string of 6 to 254 characters. The value for the argument must be included by two vertical bars (|).
regex regex-pattern: Specifies a regular expression as the match pattern. The regex-pattern
argument is a case-sensitive string of 3 to 512 characters.
string string: Specifies a string as the match pattern. The string argument is a case-sensitive string
of 3 to 512 characters.
Usage guidelines
The following matrix shows the command and hardware compatibility:
860
Advertisement
Table of Contents
