The ips signature-state command configures the state of predefined signatures.
The undo ips signature-state command restores the state of all predefined signatures to their state in the IPS signature database.
ips signature-state [ signature-id signature-id ] { enabled | disabled }
undo ips signature-state
| Parameter | Description | Value |
|---|---|---|
signature-id signature-id |
Specifies the ID of a predefined signature. |
The value is an integer ranging from 1025 to 16777215. |
enabled |
Enables the specified predefined signature. |
- |
disabled |
Disables the specified predefined signature. |
- |
You can increase threat detection ratio by enabling certain signatures or increase threat detection performance and decrease resource consumption by disabling certain signatures.
After the state of a predefined signature is changed, run engine configuration commit to commit the change to apply it.
The ips signature-state [ signature-id signature-id ] { enabled | disabled } command is used to enable or disable the specified signature.
If no signature ID is specified, the ips signature-state { enabled | disabled } command is used to enable or disable all predefined signatures.
After the state of a predefined signature is changed and committed, run display ips signature-state to check whether the state change takes effect.
During the IPS signature database update, if the predefined signature that has a configured state does not exist in the IPS signature database, the corresponding configurations are reserved but do not take effect. When the current configurations are queried, the following message is displayed: Invalid configuration. The specified signature (signature-id) does not exist in the current library. Please check and delete it.
# Enable all predefined signatures, disable predefined signature 12345, and then commit the changes. After that, disable predefined signature 54330 without committing the change. Then, view the state of all predefined signatures.
<sysname> system-view [sysname] ips signature-state enabled Warning: All predefined signatures will be enabled. Continue? [Y/N]:Y [sysname] ips signature-state signature-id 12345 disabled [sysname] engine configuration commit [sysname] ips signature-state signature-id 54330 disabled [sysname] display ips signature-state -------------------------------------------------------------------- Global : enabled Count : 2 Committed : not committed -------------------------------------------------------------------- Signature-ID Configured-State Default-State Committed -------------------------------------------------------------------- 54330 disabled enabled not committed 12345 disabled enabled committed
Item |
Description |
|---|---|
Global |
Default state for all predefined signatures can be either of the following: To set the default state for all predefined signatures, run ips signature-state { enabled | disabled }. If the default state is not specified, the state will be non-configured. |
Count |
Number of predefined signatures with changed state. |
Committed |
Whether all state changes are committed: |
Signature-ID |
ID of a predefined signature. |
Configured-State |
New state of a predefined signature: To change the state of a predefined signature, run ips signature-state signature-id signature-id { enabled | disabled }. |
Default-State |
State of predefined signatures in the IPS signature database: A predefined signature marked with retired is deprecated and retained only for checking the history of signatures. |
Committed |
Whether the state change of a predefined signature is committed: |