Table of Contents
Advertisement
Configuring the Network Layer Module
5.
Click Add to display the Network Layer Log Options dialog box.
6.
Select the desired Action, either log or ignore.
7.
Enter the source IP address or CIDR block for the rule using the following format:
<IP address>/<mask>
Select the appropriate IP version checkbox. Network masks can range from 0-32 for IPv4 and
0-128 for IPv6.
8.
Enter the option value. Refer to
an asterisk (*) as a wildcard for any option.
9.
Click OK. The rule is displayed in the table.
10. Click Edit or Delete to change or delete existing rules.
11. Use the Move Up and Move Down buttons to place the rules in the desired order.
12. Click Commit to add your changes to the policy being configured.
Example
The following example shows three rules configured. The first rule tells the sensor to log loose
source routed packets (option number 131) from any source. The second rule tells the sensor to log
strict source routed packets (option number 137) from any source. The third rule tells the sensor to
ignore alert traffic (option number 148) sourced from network 10.100.100.0/24, the local network.
2-40 Creating Network Sensor Policies
Table 2-5
on page 2-39 for a list of common option values. Use
Advertisement
Table of Contents
Need help?
Do you have a question about the Intrusion Prevention System and is the answer not in the manual?