Technical Note: DLP - Changing the file-type filter of a cloned sensor
Description
Solution
After creating a new DLP sensor by cloning an existing one, changing the file-type filter on one changes the other as well.
Solution
This happens because the file-type filters are separate objects referenced by number in the sensor’s configuration.
The solution is to manually create a copy from scratch, if a copy with some changes is needed.
config dlp sensorWhen the sensor is copied with the clone option into a new sensor, the copy gets the exact same file-type filter reference. This results in two DLP sensors pointing to the same file-type pattern.
edit "TEST_SENSOR"
config filter
edit 1
set proto smtp pop3 imap http-get http-post ftp
set filter-by file-type
set file-type 3
set action block
next
end
next
end
config dlp filepattern
edit 3
set name "TEST_SENSOR3"
config entries
edit "exe"
set filter-type type
set file-type exe
next
edit "*.abc"
next
end
next
end
The solution is to manually create a copy from scratch, if a copy with some changes is needed.