beautypg.com

Pnic compilerules, Pnic default-drop-disable – Force10 Networks PSeries 100-00055-01 User Manual

Page 85

background image

P-Series Installation and Operation Guide, version 2.3.1.2

85

pnic compilerules

Transform the dynamic Snort rules contained in /usr/local/pnic/0/rules.custom into binary
code suitable for the DPI processor.

Syntax

pnic compilerules [number]

Parameters

Command

History

Example

Figure 47 pnic compilerules Command Example

[root@localhost SW]# pnic compilerules
No card number specified. Assuming card 0

Compiling dynamic rules for pnic0

Parsing the dynamic rules for channel0

Parsing the dynamic rules for channel1


Version : P_MAIN2.2.0.058

[root@localhost SW]#

Usage

Information

The binary code created by this command is stored in the file /usr/local/pnic/0/
pnic_{0|1}.bin. This command also updates the rule description databases /usr/local/pnic/0/
pnic_{0|1}.custmapping.

pnic default-drop-disable

Disable firewall functionality. This is the default behavior.

pnic default-drop-disable

[

number

]

Enable firewall functionality using the command

pnic default-drop-enable

.

Parameters

Command

History

number

(OPTIONAL) Enter the number of the network interface card.

Range: 0-5

Default: 0

Version 2.0.0.1

Introduced

number

(OPTIONAL) Enter the number of the network interface card.

Range: 0-5

Default: 0

Version 2.2.0.0

Introduced

See also other documents in the category Force10 Networks Hardware: