List acllist

(Optional) A named, standard, or extended access control list (ACL) to filter the traffic that will be scanned.

If the packet is permitted by the ACL, the signature will be scanned and reported. If the packet is denied by the ACL, the signature is deemed disabled.

Table 13-6. ips signature Configuration Options

Use the no form of this command to reenable the signature. If the policy attached an access list to the signature, use the no form of this command to remove the access list:

no ip ips signature signature-id[:sub-signature-id]

Example 13-7 shows an example of using the ip ips signature command to disable and delete signatures.

Example 13-7. Disabling and Deleting Signatures

Router1#configure terminal

Router1(config)#ip ips signature 5184 disable Router1(config)#ip ips signature 9202 delete

It is also possible to exclude traffic from being scanned for the specified signature by using an access list. The access list should be created prior to applying it to the signature. Example 13-8 shows the access list and how it is applied to exclude host 10.200.53.53.

0 0

Post a comment