CSPM has screens for Custom Connection Signatures (TCP SYN packets to specific ports, and UDP packets to specific ports). These can be used if your signatures are just looking for SYN packets to some port.
If they are UDP packets then they can have the connection torn down.
If they are TCP packets then you can set the action to TCP Reset.
NOTE: For the TCP Reset to work with the TCP Connection Signature you will need to add the line "LevelOfTrafficLogging 4" to the Epilogue configuration in CSPM. Normally the sig will fire for SYN packets, but the SYN packet does not contain enough information for the Reset to work, so setting LevelOfTrafficLogging to 4 changes the sig to fire on SYN/ACK packets which do have enough information to reset the connection.
CSPM also has screens for Custom String Matches. If you signatures are regular expressions then you can enter them as Custom String Matches and configure an action of TCP Reset.
If, however, you are trying to create a Custom Signature that uses the signature engines in 3.1, then you will need to use IDM or .SigWizMenu to create the signatures and set the actions to TCP Reset.
Once the signatures are created you can then copy the lines from the SigUser.conf and SigSettings.conf file for those signatures and paste them into the Epilogue window in CSPM (it pastes those exact lines to the bottom of packetd.conf).
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...