Deploying patterns on the Active Update server

On the validation firewall, generate the archive containing all the custom patterns using the command:

enpattern -favz

This command will launch the compilation of all patterns (options -f and -a) and the creation of the archive that groups these signatures (option -z) and is meant to be provisioned on the Active Update server. The option -v enables the command's verbose mode.


The folder /usr/Firewall/Data/CustomPatterns/Download contains the output of this command:

  • The archive named custom_patterns_active_update.tgz,
  • A file per context, containing all patterns specific to this context (e.g.: tcpudp_hostname).


Transfer the archive custom_patterns_active_update.tgz to the root of the website hosted on your Active Update server, then unzip it.

This archive contains the following:

  • A CustomPatterns-vX.index file that includes the list of custom patterns and their revision numbers,
  • A file CustomPatterns-vX.md5 that allows verifying the integrity of the index file,
  • A tree grouping the custom patterns.

The custom pattern is now ready to be deployed on the pool of client firewalls.