ips detect ip-port-verify enable

By default, IP address and port check is enabled in IPS detection.

Usage Scenario

When configuring an IPS signature, you can set the attack source and destination IP addresses as well as the source and destination ports in the ip and port fields of the signature rule. After you run the ips detect ip-port-verify enable command to enable IP address and port check in IPS detection, the IPS engine matches the IP address and port number obtained from a packet with the ip and port fields in the signature.

You can run the undo ips detect ip-port-verify enable command to disable IP address and port check in IPS detection. After IP address and port check in IPS detection is disabled, if the ip or port field of a signature contains the keyword force_check, the IPS engine forcibly checks IP addresses or port numbers against the signature. If the ip or port field of a signature does not contain the keyword force_check, the IPS engine does not check the IP addresses and port numbers against the signature.

Precautions

• This command takes effect only for the third-generation IPS engine.
• This command can be configured only in the public system.
• For details about how to use the force_check field, see the Online Syntax Manual.
• After running this command, run the engine configuration commit command to make the configuration take effect.