Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Niag_Senior
Explorer

Export the IPS settings on a locally managed 1100

I need to try and find a way export the IPS settings on a locally managed 1100 running R77.20.80 (990172392). There doesn't appear to be any way via the GUI to export. Perhaps it's possible from the CLI or even via the backup?

Any ideas would be helpful. Thanks.

5 Replies
PhoneBoy
Admin
Admin

I imagine it is included in the backup but it’s probably not something you can easily extract.

0 Kudos
Pedro_Espindola
Advisor

You can use show configuration command and filter for IPS with grep, but the syntax is not perfect to load it back, so you will probably need to do some tweaking like removing unnecessary double-quotes and dashes.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

The process of using show configuration for config transfer is elaborated here: Configuration transfer between different SMB models

Really, ips settings are the largest part here (6860 lines from 7928), apart from global and special settings consisting of:

# IPS topic view
set threat-prevention ips protection-action-override protection-code "8161769329" override-policy-action "false"

Whole IPS config part is stretching from

# IPS engine settings

to

# IPv6 enforcment settings
CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
G_W_Albrecht
Legend Legend
Legend

There maybe another possibility available if we look where the IPS details are stored - the folder /storage/ips includes:

- a file /storage/ips/cmi_loader_sig_ids.conf

- a folder "update" containing:

    two config folders, 0 and 1, with two links pointing to them called cur (current) and old

    file /storage/ips/update/Version.tmp

    file /storage/ips/update/Version

    file /storage/ips/update/next_update

    file /storage/ips/update/ips_status.C

and the SQL database file /storage/ips/update/ips.db

ips.db can be opened using open source tool as DB Browser for SQLite.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Niag_Senior
Explorer

Thank you for these pointers. I'll give this a try and post back.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events