Downloading the custom pattern on client firewalls

Each client firewall receives the custom pattern:

  • During an automatic synchronization with its Active Update server (scheduled every 3 hours),
  • Via the Active Update component in the dashboard, by clicking on the Restart menu located next to the entry "IPS: protection signatures".


Custom patterns can be updated on a firewall as follows:

  1. The firewall downloads the file CustomPatterns-vX.md5 on the Active Update server from the Active Update sub-system for custom patterns.
  2. Whenever this file differs from its local .md5 file located in the folder /usr/Firewall/Data/CustomPatterns/Download/, the firewall downloads the file CustomPatterns-vX.index from the server in order to compare the revisions of each context:
  • If the context does not exist on the firewall or if the revision number of the context found on the server is higher than its local file's revision number, the firewall will download the server's context file, which will then be compiled and added to the firewall's patterns.
  • If the context file exists on the firewall but is not or no longer found on the Active Update server, this context file will then be deleted from the firewall. Patterns attached to this context will also be deleted from the firewall.
  • If the revision number of the context on the firewall is equal to or higher than the file's revision number on the Active Update server, the file will not be modified and the local version of the context will be applied on the firewall.