Filter
Top Products
Chapter 30 IDP
ZyWALL USG 50 User’s Guide
499
Note: The ZyWALL checks all signatures and continues searching even after a match
is found. If two or more rules have conflicting actions for the same packet, then
the ZyWALL applies the more restrictive action (reject-both, reject-receiver or
reject-sender, drop, none in this order). If a packet matches a rule for reject-
receiver and it also matches a rule for reject-sender, then the ZyWALL will
reject-both.
Figure 297 Configuration > Anti-X > IDP > Custom Signatures
The following table describes the fields in this screen.
Table 150 Configuration > Anti-X > IDP > Custom Signatures
LABEL DESCRIPTION
Custom
Signature
Rules
Use this part of the screen to create, edit, delete or export (save to your
computer) custom signatures.
Add Click this to create a new entry.
Edit Select an entry and click this to be able to modify it.
Remove Select an entry and click this to delete it.
Activate To turn on an entry, select it and click Activate.
Export To save an entry or entries as a file on your computer, select them and
click Export. Click Save in the file download dialog box and then select a
location and name for the file.
Custom signatures must end with the ‘rules’ file name extension, for
example, MySig.rules.
# This is the entry’s index number in the list.
SID SID is the signature ID that uniquely identifies a signature. Click the SID
header to sort signatures in ascending or descending order. It is
automatically created when you click the Add icon to create a new
signature. You can edit the ID, but it cannot already exist and it must be
in the 9000000 to 9999999 range.
Name This is the name of your custom signature. Duplicate names can exist,
but it is advisable to use unique signature names that give some hint as
to intent of the signature and the type of attack it is supposed to prevent.