Example: Inserting a Rule in the IDP Rulebase
This example shows how to insert a rule in the rulebase.
Requirements
Before you begin:
- Configure network interfaces. See Junos OS Interfaces Configuration Guide for Security Devices.
- Define rules in a rulebase. See Example: Defining Rules for an IDP IPS Rulebase.
Overview
The IDP rule-matching algorithm starts from the top of the rulebase and checks traffic against all rules in the rulebase that match the specified match conditions. You determine the sequence in which rules are applied to network traffic by placing them in the desired order. When you add a rule to the rulebase, it is placed at the end of the existing list of rules. To place a rule anywhere other than the end of the rulebase, you insert it at the desired location. This example places rule R2 before rule R1 in the IPS rulebase in a policy called base-policy.
Configuration
Step-by-Step Procedure
To insert a rule in the rulebase:
- Define the position of the rule in the rulebase based on the order in which you want the rule to be evaluated.
  [edit]
  user@host# insert security idp idp-policy base-policy rulebase-ips rule R2 before rule R1
- If you are done configuring the device, commit the configuration.
  [edit]
  user@host# commit
Verification
To verify the configuration is working properly, enter the show security idp command.
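An offline check of the resulting rule order, added here as an example and not part of the original Juniper documentation. It assumes the configuration has been exported in set format (for instance with show configuration security idp | display set) and that the export lists rules in evaluation order; the sample lines, match conditions, actions, and function names are constructed for illustration.

```python
import re

# Constructed sample: set-format lines as they might look after the insert and commit.
SAMPLE = """\
set security idp idp-policy base-policy rulebase-ips rule R2 match from-zone trust
set security idp idp-policy base-policy rulebase-ips rule R2 match to-zone untrust
set security idp idp-policy base-policy rulebase-ips rule R2 then action drop-connection
set security idp idp-policy base-policy rulebase-ips rule R1 match from-zone trust
set security idp idp-policy base-policy rulebase-ips rule R1 then action no-action
set security idp idp-policy base-policy rulebase-exempt rule E1 match from-zone trust
"""

# Captures policy name, rulebase name, and rule name from one set-format line.
RULE_RE = re.compile(r"^set security idp idp-policy (\S+) (rulebase-\S+) rule (\S+)")


def rule_order(set_lines, policy, rulebase):
    """Return rule names of one rulebase in order of first appearance."""
    order = []
    for line in set_lines.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            continue
        pol, rb, rule = m.groups()
        if pol == policy and rb == rulebase and rule not in order:
            order.append(rule)
    return order


def is_before(set_lines, policy, rulebase, first, second):
    """True if rule `first` is listed ahead of rule `second` in the rulebase."""
    order = rule_order(set_lines, policy, rulebase)
    for name in (first, second):
        if name not in order:
            raise ValueError(f"rule {name} not found in {policy}/{rulebase}")
    return order.index(first) < order.index(second)


if __name__ == "__main__":
    print(rule_order(SAMPLE, "base-policy", "rulebase-ips"))
    print(is_before(SAMPLE, "base-policy", "rulebase-ips", "R2", "R1"))
```

Run against a saved export before and after a change window to confirm that an insert landed where intended and that no later edit moved the rule back to the end of the rulebase.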
Related Topics
- Junos OS Feature Support Reference for SRX Series and J Series Devices
- Understanding IDP Policy Rules
- Understanding IDP Policy Rulebases
- Example: Defining Rules for an IDP Exempt Rulebase
- Example: Enabling IDP Protection Against Application-Level DDoS Attacks (CLI)
- Example: Enabling IDP in a Security Policy