Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Bronze

IOS IPS

If the IOS IPS pkg file is 7MB and after I do a copy tftp://xxx/xxx.pkg idconf, where does the file go? I don't see anything on the flash other than the .xml config files.

Any thoughts?

3 REPLIES
New Member

Re: IOS IPS

First, please take a look at http://www.cisco.com/en/US/products/ps6634/products_white_paper0900aecd805c4ea8.shtml.

In summary, the copy command follow the following process:

1. load signature from outside server

2. parse it and read into memory

3. save out to the directory configuration as the ips location, in normal cases, it would be the router flash.

When save the files out, it will save into multiple files in a compressed format, even it has a .xml extension, it is compressed.

Here are the files got saved out:

. -sigdef-typedef.xml

type definition files, defines the engine parameters etc.

. -sigdef-category.xml

signature category file. Just a mapping file map the category to signature IDs

. -sigdef-default.xml

Signature file. Contains all signatures and their parameter definitions

When management by CSM/SDM, it also will save out couple of other files:

. -sigdef-delta.xml

Contains all signature modification information other than the default in sigdef-default.xml

. -seap-delta.xml

Contains all the SEAP configuration changes

. -seap-typedef.xml

SEAP type definition file.

Thanks,

-Chris

Bronze

Re: IOS IPS

Hmm...so basically it goes from a 7MB .pkg file to a 200K file on the flash. I wonder why the .pkg file has to be so big compared to what actually gets put on the flash. Thanks for the reply.

New Member

Re: IOS IPS

The current pkg file posted on Cisco.com is not compress and you can see the content as it is a standard xml file. When the router saves them on the router flash, it got compressed to save router flash space.

In the furture, the pkg file might be compressed.

Thanks,

-Chris

255
Views
0
Helpful
3
Replies