B-27
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Appendix B Signature Engines
Atomic Engine
specify-icmp-id {yes | no} (Optional) Enables inspection of the
Layer 4 ICMP ID:
• icmp-id—Specifies the value of
the ICMP header IDENTIFIER.
0 to 65535
specify-icmp-seq {yes | no} (Optional) Enables inspection of the
Layer 4 ICMP sequence:
• icmp-seq—Specifies the ICMP
sequence to inspect.
0 to 65535
specify-icmp-type {yes | no}
(Optional) Enables inspection of the
ICMP header type:
• icmp-type—Specifies the value of
the ICMP header TYPE.
0 to 65535
specify-icmp-total-length {yes | no} (Optional) Enables inspection of the
Layer 4 ICMP total header length:
• icmp-total-length—Specifies the
value of the ICMP total length to
inspect.
0 to 65535
specify-other-ip-protocol-id {yes |
no}
(Optional) Enables inspection of the
other Layer 4 protocols:
• other-ip-protocol-id—Specifies
which single IP protocol ID or
single range of IP protocol IDs for
which to send alerts.
0 to 255
specify-dst-port {yes | no} (Optional) Enables the destination port
for use:
• dst-port—Specifies the destination
port of interest for this signature.
0 to 65535
specify-src-port {yes | no} (Optional) Enables source port for use:
• src-port—Specifies the source port
of interest for this signature.
0 to 65535
specify-tcp-mask {yes | no} (Optional) Enables the TCP mask for
use:
• tcp-mask—Specifies the mask
used in TCP flags comparison:
–
URG bit
–
ACK bit
–
PSH bit
–
RST bit
–
SYN bit
–
FIN bit
urg
ack
psh
rst
syn
fin
Table B-9 Atomic IP Engine Parameters (continued)
Parameter Description Value