Home » Motorola Manuals » Wireless » Motorola WS-2000-SME-WW » Manual Viewer

Motorola WS-2000-SME-WW CLI Guide - Page 96

Network Firewall IPS set Command

View all Motorola WS-2000-SME-WW manuals

Add to My Manuals
Save this manual to your list of manuals

Page 96 highlights

3-60 WS2000 Wireless Switch System Reference Guide 3.12.1 Network Firewall IPS set Command set Network Firewall Intrusion Prevention System Commands Sets the Intrusion Prevention System (IPS) parameters. Syntax set [mode|anomaly-config|signature-categories|direction] set mode [enable|disable] set signature-categorises set direction [default|bi-directional] set anomaly-config[-sl |-ml |-md | -hl |-hz |-hlz | -huz ] mode [enable|disable] anomaly-config [-sl | -ml | -md | -hl | -hz | -hlz | -huz ] signature-categories direction [default|bi-directional] Enables or disables IPS. • -sl - Sets the SMTP header length. • -ml - Sets the MIME header length. • -md - Sets the depth of MIME boundary header. • -hl - Sets the field in the HTTP header. • -hz - Sets the HTTP header size. • -hlz - Sets the HTTP header line size. • -huz - Sets the HTTP URI size. Sets the signature categories for IPS. Select from TELNET, POP3, IMAP, NNTP, FTP, SNMP, TCPDNS, UDPDNS, TCPRPC, UDPRPC, HTTP, SMTP, TCPGEN, UDPGEN, ICMP, TCP, UDP, IP. If more than one signature category is specified, separate each category with a space. Each of the signature category must be specified in Upper Case only. Sets the direction to inspect packets. • default - Sets direction as default. This is defined in the signature. • bi-directional - Sets direction as bi-directional. Packets are inspected when received or sent. Example admin(network.fw.ips)>set mode enable admin(network.fw.ips)>set anomaly-config -sl 100 admin(network.fw.ips)>set direction default admin(network.fw.ips)>set signature-categories TELNET POP3 TCP UDP admin(network.fw.ips)>show all IPS mode : enable SMTP Header length : 1024 MIME header length : 1024 Depth of MIME boundary header : 5 Field in HTTP header : 50 HTTP header size : 4096 HTTP header line size : 3072

Section	Page
WS2000 Wireless Switch	1
Product Overview	15
1.1 WS2000 Wireless Switch CLI Reference Guide	15
1.1.1 About this Document	15
1.1.2 Document Conventions	16
1.2 System Overview	18
1.2.1 Management of Access Ports	18
1.3 Hardware Overview	19
1.3.1 Technical Specifications	19
1.3.2 WS 2000 Wireless Switch LED Functions	20
1.4 Software Overview	21
1.4.1 Operating System (OS) Services	21
1.4.2 Cell Controller Services	21
1.4.3 Gateway Services	21
Admin and Common Commands	23
2.1 Common Commands	24
2.1.1 ? Command	25
2.1.2 help Command	26
2.1.3 quit Command	27
2.1.4 save Command	28
2.1.5 .. Command	29
2.1.6 / Command	30
2.2 Admin Menu Commands	31
2.2.1 passwd Command	32
2.2.2 summary Command	33
Network CLI Commands Reference	37
3.1 network	37
3.2 Network AP Commands	39
3.2.1 Network AP add Command	40
3.2.2 Network AP copydefaults Command	41
3.2.3 Network AP delete Command	42
3.2.4 Network AP forget Command	43
3.2.5 Network AP list Command	44
3.2.6 Network AP remap Command	45
3.2.7 Network AP reset Command	46
3.2.8 Network AP revert Command	47
3.2.9 Network AP set Commands	48
3.2.10 Network AP show Command	51
3.3 Network AP Default Commands	53
3.3.1 Network AP Default set Command	54
3.3.2 Network AP Default loadfromcf Command	56
3.3.3 Network AP Default show Command	57
3.4 Network AP Test Commands	58
3.4.1 Network AP Test new Command	59
3.5 Network AP Selfheal commands	60
3.5.1 Network AP Selfheal set Command	61
3.5.2 Network AP Selfheal detect-neighbor Command	62
3.5.3 Network AP Selfheal add Command	63
3.5.4 Network AP Selfheal del Command	64
3.5.5 Network AP Selfheal show Command	65
3.6 Network AP Denyap Commands	66
3.6.1 Network AP Denyap add Command	67
3.6.2 Network AP Denyap delete Command	68
3.6.3 Network AP Denyap show Command	69
3.7 Network AP Smartscan Commands	70
3.7.1 Network AP Smartscan set Command	71
3.7.2 Network AP Smartscan delete Command	72
3.7.3 Network AP Smartscan show Command	73
3.8 Network AP Test Commands	74
3.8.1 Network AP Test new Command	75
3.9 Network AP Mesh Commands	76
3.9.1 Network AP Mesh set Command	77
3.9.2 Network AP Mesh add Command	79
3.9.3 Network AP Mesh del Command	80
3.9.4 Network AP Mesh preferred-list Command	81
3.9.5 Network AP Mesh available-list Command	82
3.9.6 Network AP Mesh show Command	83
3.10 Network DCHP Commands	84
3.10.1 Network DHCP set Command	85
3.10.2 Network DHCP show Command	86
3.11 Network Firewall Commands	87
3.11.1 Network Firewall set Command	88
3.11.2 Network Firewall show Command	90
3.11.3 Network Firewall timeradd Command	91
3.11.4 Network Firewall timerdel Command	92
3.11.5 Network Firewall timerlist Command	93
3.11.6 Network Firewall timerset Command	94
3.12 Network Firewall Intrusion Prevention System Commands	95
3.12.1 Network Firewall IPS set Command	96
3.12.2 Network Firewall IPS show Command	98
3.13 Network Firewall Policy Commands	100
3.13.1 Network Firewall Policy import command	101
3.14 Network Firewall Policy Inbound Commands	102
3.14.1 Network Firewall Policy Inbound add Command	103
3.14.2 Network Firewall Policy Inbound delete Command	104
3.14.3 Network Firewall Policy Inbound insert Command	105
3.14.4 Network Firewall Policy Inbound list Command	106
3.14.5 Network Firewall Policy Inbound move Command	107
3.14.6 Network Firewall Policy Inbound set Command	108
3.15 Network Firewall Policy Outbound Commands	109
3.15.1 Network Firewall Policy Outbound add Command	110
3.15.2 Network Firewall Policy Outbound delete Command	111
3.15.3 Network Firewall Policy Outbound insert Command	112
3.15.4 Network Firewall Policy Outbound list Command	113
3.15.5 Network Firewall Policy Outbound move Command	114
3.15.6 Network Firewall Policy Outbound set Command	115
3.16 Network Firewall Submap Commands	116
3.16.1 Network Firewall Submap add Command	117
3.16.2 Network Firewall Submap delete Command	119
3.16.3 Network Firewall Submap list Command	120
3.16.4 Network Firewall Submap set Command	121
3.16.5 Network Firewall Submap show Command	122
3.17 Network LAN Commands	123
3.17.1 Network LAN set Command	124
3.17.2 Network LAN show Command	126
3.17.3 Network LAN updateDNS Command	127
3.17.4 Network LAN updateAllDNS Command	128
3.18 Network LAN DHCP Commands	129
3.18.1 Network LAN DHCP add Command	130
3.18.2 Network LAN DHCP delete Command	131
3.18.3 Network LAN DHCP list Command	132
3.18.4 Network LAN DHCP set Command	133
3.18.5 Network LAN DHCP show Command	135
3.18.6 Network LAN DHCP renew Command	136
3.19 Network LAN Bridge commands	137
3.19.1 Network LAN Bridge show Command	138
3.19.2 Network LAN Bridge set Command	140
3.20 Network QoS Commands	141
3.20.1 Network QOS clear Command	142
3.20.2 Network QOS set Command	143
3.20.3 Network QOS show Command	144
3.21 Network Router Commands	145
3.21.1 Network Router add Command	146
3.21.2 Network Routes delete Command	147
3.21.3 Network Router list Command	148
3.21.4 Network Router set Command	149
3.21.5 Network Router show Command	150
3.22 Network VLAN Commands	151
3.22.1 Network VLAN set Command	152
3.22.2 Network VLAN show Command	153
3.23 Network WAN Commands	154
3.23.1 Network WAN renew Command	155
3.23.2 Network WAN set Command	156
3.23.3 Network WAN show Command	158
3.24 Network WAN App Commands	159
3.24.1 Network WAN APP addcmd Command	160
3.24.2 Network WAN APP delcmd Command	162
3.24.3 Network WAN APP list Command	164
3.25 Network WAN DynDNS Commands	165
3.25.1 Network WAN DynDNS set Command	166
3.25.2 Network WAN DynDNS show Command	167
3.25.3 Network WAN DynDNS update Command	168
3.26 Network WAN TrunkIPFPolicy Commands	169
3.26.1 Network WAN TrunkIPFPolicy add Command	170
3.26.2 Network WAN TrunkIPFPolicy del Command	171
3.26.3 Network WAN TrunkIPFPolicy set Command	172
3.26.4 Network WAN TrunkIPFPolicy show Command	173
3.27 Network WAN NAT Commands	174
3.27.1 Network WAN NAT add Command	175
3.27.2 Network WAN NAT delete Command	176
3.27.3 Network WAN NAT list Command	177
3.27.4 Network WAN NAT set Command	178
3.27.5 Network WAN NAT show Command	179
3.28 Network WAN VPN Commands	180
3.28.1 Network WAN VPN add Command	181
3.28.2 Network WAN VPN delete Command	182
3.28.3 Network WAN VPN ikestate Command	183
3.28.4 Network WAN VPN list Command	184
3.28.5 Network WAN VPN reset Command	185
3.28.6 Network WAN VPN set Command	186
3.28.7 Network WAN VPN stats Command	191
3.29 Network WAN VPN Cmgr Commands	192
3.29.1 Network WAN VPN Cmgr delca Command	193
3.29.2 Network WAN VPN Cmgr delprivkey Command	194
3.29.3 Network WAN VPN Cmgr delself Command	195
3.29.4 Network WAN VPN Cmgr expcert Command	196
3.29.5 Network WAN VPN Cmgr export-req Command	197
3.29.6 Network WAN VPN Cmgr genreq Command	198
3.30 Network WAN VPN Cmgr impcert Command	199
3.30.1 Network WAN VPN Cmgr listca Command	200
3.30.2 Network WAN VPN Cmgr listprivkey Command	201
3.30.3 Network WAN Vpn Cmgr listself Command	202
3.30.4 Network WAN VPN Cmgr loadca Command	203
3.30.5 Network WAN VPN Cmgr loadself Command	204
3.30.6 Network WAN VPN Cmgr showreq Command	205
3.31 Network WLAN Commands	206
3.31.1 Network WLAN add Command	207
3.31.2 Network WLAN delete Command	208
3.31.3 Network WLAN list Command	209
3.31.4 Network WLAN set Command	210
3.31.5 Network WLAN show Command	215
3.32 Network WLAN Rogue AP Commands	217
3.32.1 Network WLAN Rogueap set Command	218
3.32.2 Network WLAN Rogueap show Command	219
3.33 Network WLAN Rogue AP Approvedlist Commands	220
3.33.1 Network WLAN Rogueap Approvedlist ageout Command	221
3.33.2 Network WLAN Rogueap Approvedlist approve Command	222
3.33.3 Network WLAN Rogueap Approvedlist erase Command	223
3.33.4 Network WLAN Rogueap Approvedlist show Command	224
3.34 Network WLAN Rogue AP Roguelist Commands	225
3.34.1 Network WLAN Rogue AP Roguelist ageout Command	226
3.34.2 Network WLAN Rogue AP Roguelist approve Command	227
3.34.3 Network WLAN Rogue AP Roguelist erase Command	228
3.34.4 Network WLAN Rogue AP Roguelist show Command	229
3.34.5 Network WLAN Rogue AP Roguelist set Command	230
3.34.6 Network WLAN Rogue AP Roguelist deauth Command	231
3.35 Network WLAN Rogue AP Rogue List Locate Commands	232
3.35.1 Network WLAN Rogue AP Rogue List Locate list Command	233
3.35.2 Network WLAN Rogue AP Rogue List Locate start Command	234
3.36 Network WLAN Rogue AP Rogue List MU Scan Commands	235
3.36.1 Network WLAN Rogue AP Rogue List MU Scan list Command	236
3.36.2 Network WLAN Rogue AP Rogue List MU Scan start Command	237
3.37 Network WLAN Rogue AP Rule List Commands	238
3.37.1 Network WLAN Rogue AP Rule List add Command	239
3.37.2 Network WLAN Rogue AP Rule List authsymbolap Command	240
3.37.3 Network WLAN Rogue AP Rule List delete Command	241
3.37.4 Network WLAN Rogue AP Rule List show Command	242
3.38 Network WLAN Enhanced Rogue AP Commands	243
3.38.1 Network WLAN Enhanced Rogue AP show Command	244
3.38.2 Network WLAN Enhanced Rogue AP set Command	245
3.39 Network WLAN MU Probe Commands	246
3.39.1 Network WLAN MU Probe show Command	247
3.39.2 Network WLAN MU Probe set Command	248
3.40 Network WLAN Hotspot Commands	249
3.40.1 Network WLAN Hotspot set Command	250
3.40.2 Network WLAN Hotspot show Command	252
3.40.3 Network WLAN Hotspot Import Command	253
3.41 Network WLAN Hotspot RADIUS commands	254
3.41.1 Network WLAN Hotspot RADIUS show Command	255
3.41.2 Network WLAN Hotspot RADIUS set Command	256
3.42 Network WLAN Hotstpot White-list Commands	258
3.42.1 Network WLAN Hotspot White-list add Command	259
3.42.2 Network WLAN Hotspot White-list clear Command	260
3.42.3 Network WLAN Hotspot White-list show Command	261
3.43 Network WLAN WLAN IP Fiter Policy Commands	262
3.43.1 Network WLAN WLAN IP Filter Policy set Command	263
3.43.2 Network WLAN WLAN IP Filter Policy add Command	264
3.43.3 Network WLAN WLAN IP Filter Policy del Command	265
3.43.4 Network WLAN WLAN IP Filter Policy show Command	266
3.44 Network Port Commands	267
3.44.1 Network Port set Command	268
3.44.2 Network Port show Command	269
3.45 Network IP Filter Commands	270
3.45.1 Network IP Filter add Command	271
3.45.2 Network IP Filter del Command	272
3.45.3 Network IP Filter Shlow Command	273
3.46 Network WIPS Command	274
3.46.1 Network WIPS set Command	275
3.46.2 Network WIPS show Command	276
3.46.3 Network WIPS list Command	277
3.46.4 Network WIPS convert Command	278
3.46.5 Network WIPS revert Command	279
3.46.6 Network WIPS update Command	280
3.47 Network WIPS Default commands	281
3.47.1 Network WIPS set Command	282
3.47.2 Network WIPS show Command	283
3.48 Network WIDS Commands	284
3.48.1 Network WIDS delete Command	285
3.48.2 Network WIDS set Command	286
3.48.3 Network WIDS show Command	290
3.49 Network URL Filter Commands	291
3.49.1 Network URL Filter set Command	292
3.49.2 Network URL Filter show Command	293
3.50 Network URL Filter Keyword Commands	294
3.50.1 Network URL Filter Keyword add Command	295
3.50.2 Network URL Filter Keyword delete Command	296
3.50.3 Network URL Filter Keyword removeall Command	297
3.50.4 Network URL Filter Keyword show Command	298
3.51 Network URL Filter White list Commands	299
3.51.1 Network URL Filter White List add Command	300
3.51.2 Network URL Filter White List delete Command	301
3.51.3 Network URL Filter White List show Command	302
3.52 Network URL Filter Black List Commands	303
3.52.1 Network URL Filter Black List add Command	304
3.52.2 Network URL Filter Black List delete Command	305
3.52.3 Network URL Filter Black List show Command	306
3.53 Network URL Filter Trusted IP Commands	307
3.53.1 Network URL Filter Trusted IP add Command	308
3.53.2 Network URL Filter Trusted IP delete Command	309
3.53.3 Network URL Filter Trusted IP show Command	310
System CLI Commands Reference	311
4.1 system	311
4.1.1 System lastpw Command	312
4.1.2 System exec Command	313
4.2 System Authentication Commands	314
4.2.1 System Authentication set Command	315
4.2.2 System Authentication show Command	316
4.3 System Authentication RADIUS Commands	317
4.3.1 System Authentication RADIUS set Command	318
4.3.2 System Authentication RADIUS show Command	319
4.4 System Configuration Commands	320
4.4.1 System Config default Command	321
4.4.2 System Config export Command	322
4.4.3 System Config import Command	324
4.4.4 System Config partial Command	325
4.4.5 System Config set Command	326
4.4.6 System Config show Command	328
4.4.7 System Config update Command	329
4.4.8 System Config sensor-fw-update Command	330
4.4.9 System Config loadtocf Command	331
4.5 System Logs Commands	332
4.5.1 System Logs delete Command	333
4.5.2 System Logs send Command	334
4.5.3 System Logs set Command	335
4.5.4 System Logs Show Command	336
4.5.5 System Logs View Command	337
4.6 System NTP Commands	338
4.6.1 System NTP Set Command	339
4.6.2 System NTP Show Command	340
4.6.3 System NTP Date-zone Command	341
4.6.4 System NTP zone-list Command	342
4.7 System RADIUS Commands	343
4.7.1 System RADIUS generate-dh-param Command	344
4.7.2 System RADIUS set Command	345
4.7.3 System RADIUS show Command	346
4.8 System RADIUS Client Commands	347
4.8.1 System RADIUS Client add Command	348
4.8.2 System RADIUS Client del Command	349
4.8.3 System RADIUS Client show Command	350
4.9 System RADIUS EAP Commands	351
4.9.1 System RADIUS EAP import Command	352
4.9.2 System RADIUS EAP set Command	353
4.9.3 System RADIUS EAP show Command	354
4.10 System RADIUS EAP PEAP Commands	355
4.10.1 System RADIUS EAP PEAP set Command	356
4.10.2 System RADIUS EAP PEAP show Command	357
4.11 System RADIUS EAP TTLS Commands	358
4.11.1 System RADIUS EAP TTLS set Command	359
4.11.2 System RADIUS EAP TTLS show Command	360
4.12 System RADIUS LDAP Commands	361
4.12.1 System RADIUS LDAP set Command	362
4.12.2 System RADIUS LDAP show Command	364
4.12.3 System RADIUS LDAP import Command	365
4.12.4 System RADIUS LDAP join Command	366
4.13 System RADIUS Policy Commands	367
4.13.1 System RADIUS Policy set Command	368
4.13.2 System RADIUS Policy show Command	369
4.14 System RADIUS Proxy Commands	370
4.14.1 System RADIUS Proxy add Command	371
4.14.2 System RADIUS Proxy del Command	372
4.14.3 System RADIUS Proxy clearall Command	373
4.14.4 System RADIUS Proxy set Command	374
4.14.5 System RADIUS Proxy show Command	375
4.15 System Redundancy Commands	376
4.15.1 System Redundancy set Command	377
4.15.2 System Redundancy show Command	379
4.16 System SNMP Commands	380
4.17 System SNMP Access Commands	381
4.17.1 System SNMP Access add Command	382
4.17.2 System SNMP Access delete Command	384
4.17.3 System SNMP Access list Command	386
4.17.4 System SNMP Access show Command	387
4.18 System SNMP Traps Commands	388
4.18.1 System SNMP Traps add Command	389
4.18.2 System SNMP Traps delete Command	391
4.18.3 System SNMP Traps list Command	392
4.18.4 System SNMP Traps set Command	393
4.18.5 System SNMP Traps show Command	397
4.19 System SSH Commands	399
4.19.1 System SSH set Command	400
4.19.2 System SSH show Command	401
4.20 System User Database Commands	402
4.21 System User Database Group Commands	403
4.21.1 System Userdb Group add Command	404
4.21.2 System Userdb Group create Command	405
4.21.3 System Userdb Group delete Command	406
4.21.4 System Userdb Group clearall Command	408
4.21.5 System Userdb Group remove Command	409
4.21.6 System Userdb Group set Command	410
4.21.7 System Userdb Groups show Command	412
4.22 System User Database User Commands	413
4.22.1 System Userdb User add Command	414
4.22.2 System Userdb User del Command	415
4.22.3 System Userdb User clearall Command	416
4.22.4 System Userdb User set Command	417
4.22.5 System Userdb Users show Command	418
4.23 System User Database User Guest commands	419
4.23.1 System Userdb User Guest set Command	420
4.23.2 System Userdb User Guest show Command	421
4.23.3 System Usredb User Guest clear Command	422
4.24 System WS2000 Commands	423
4.24.1 System WS2000 add Command	424
4.24.2 System WS2000 delete Command	425
4.24.3 System WS2000 restart Command	426
4.24.4 System WS2000 set Command	427
4.24.5 System WS2000 show Command	431
4.25 System CF commands	432
4.25.1 System CF ls Command	433
4.26 System HTTP commands	434
4.26.1 System HTTP import Command	435
4.26.2 System HTTP show Command	436
4.27 System Test Commands	437
4.27.1 System Test set Command	438
4.27.2 System Test show Command	439
Statistics Commands	441
5.1 stats	441
5.2 Stats Show Command	442
5.3 Statistics RF Commands	445
5.3.1 Stats RF reset Command	446

Match case Limit results 1 per page

3-60

WS2000 Wireless Switch System Reference Guide

3.12.1

Network Firewall IPS set Command

set

Network Firewall Intrusion Prevention System Commands

Sets the Intrusion Prevention System (IPS) parameters.

Syntax

set [mode|anomaly-config|signature-categories|direction]

set mode [enable|disable]

set signature-categorises <category-list>

set direction [default|bi-directional]

set anomaly-config[-sl <smtplen>|-ml <mimelen>|-md <mimedepth>|

-hl <httpline>|-hz <httpsize>|-hlz <httplinesize>|

-huz <httpurisize>]

Example

admin(network.fw.ips)>set mode enable

admin(network.fw.ips)>set anomaly-config -sl 100

admin(network.fw.ips)>set direction default

admin(network.fw.ips)>set signature-categories TELNET POP3 TCP UDP

admin(network.fw.ips)>show all

IPS mode

: enable

SMTP Header length

: 1024

MIME header length

: 1024

Depth of MIME boundary header

: 5

Field in HTTP header

: 50

HTTP header size

: 4096

HTTP header line size

: 3072

mode [enable|disable]

Enables or disables IPS.

anomaly-config

[-sl <smtplen>|

-ml <mimelen>|

-md <mimedepth>|

-hl <httphline>|

-hz <httphsize>|

-hlz <httplinesize>|

-huz <httpurisize>]

•

-sl <smtplen> – Sets the SMTP header length.

•

-ml <mimelen> – Sets the MIME header length.

•

-md <mimedepth> – Sets the depth of MIME boundary header.

•

-hl <httphline> – Sets the field in the HTTP header.

•

-hz <httphsize> – Sets the HTTP header size.

•

-hlz <httplinesize> – Sets the HTTP header line size.

•

-huz <httpurisize> – Sets the HTTP URI size.

signature-categories

<category-list>

Sets the signature categories for IPS. Select

<category-list>

from

TELNET

POP3

IMAP

NNTP

FTP

SNMP

TCPDNS

UDPDNS

TCPRPC

UDPRPC

HTTP

SMTP

TCPGEN

UDPGEN

ICMP

TCP

UDP

IP.

If more than one signature category is specified, separate each category

with a space. Each of the signature category must be specified in Upper

Case only.

direction [default|bi-directional]

Sets the direction to inspect packets.

•

default – Sets direction as default. This is defined in the signature.

•

bi-directional – Sets direction as bi-directional. Packets are inspected

when received or sent.