Removing Drop Rules

Similar Messages

• How to remove the rule or class function in CS5

  i need to know how to remove the rule or class function in CS5  at the bottom of the screen there are two options for formating HTML and Css when i click the HTML it only allows me to change the bold or italics or link something but when i click CSS it allows me to format how i want the paragraph aligned and the text size and font when i click on lets say changing the font size a box comes up asking me to name a rule so it applies it to everything else i type i want to know how to stop tht like edit everything on my own and if i use CS5 here will it be compatible with CS4 or CS3 at my skool plzz help ive been frustrated with this

  If I use CS5 here will it be compatible with CS4 or CS3 at my skool plzz help ive been frustrated with this
  Code is code.   It doesn't matter which product you use.
  i need to know how to remove the rule or class function in CS5
  You can't.  DW encourages you to use good coding methods, which means using CSS classes and to keep content (HTML) separate from styles (CSS).  For example, if you change font-size on p tags like so:
       p {font-size: 38px}
  Every paragraph will have 38px sized text.
  If you want to apply a special style to just a portion of your text, you must define a CSS class name like so:
  .foo {
  font-size: 38px;
  color: red;
  HTML:
  <p>This is normal paragraph text <span class="foo"> And this is very big and red.</span></p>
  This is normal paragraph text And this is very big and red. 
  Nancy O.
  Alt-Web Design & Publishing
  Web | Graphics | Print | Media  Specialists 
  http://alt-web.com/
  http://twitter.com/altweb
  Message was edited by: Nancy O.  -- unfortunately, this forum doesn't support Raw HTML with inline styles. You'll need to paste my code examples into your DW page to see the effect.

• MARS - drop rules

  I have a MARS20 configured to a IPS4240 placed between internet & LAN, and i want to stop my internal network to stop triggering the incidents and stop producing false positive; based on the assumption that my LAN is secure.
  So I have created a drop rule to log to DB, source-192.168.0.0 255.255.0.0, remaining parameters as Any.
  The rule is active, but i still get incidents w source from LAN.
  am i missing something?
  Cash

  did you click "activate"?

• MARS DROP RULE QUESTION

  When you configure a drop rule, lets say you configure several.  If something happens to the software, is there a way to backup the drop rules that you have created?

  Hi,
  you can configure archiving and if the Mars fails you can restore OS,configurations,events,reports and rules from the archive.
  check archiving configuration for the mars:
  http://www.cisco.com/en/US/docs/security/security_management/cs-mars/6.0/initial/configuration/bckRstrSby.html
  regards
  Gabor
  /vote if it helps/

• CS-MARS - Drop rule keyword based

  Hi all,
  I need to create a new rule based on a keyword. I'm able to add an inspection rule but not a drop rule. The problem is Cisco MARS is showing up lots of events from a reporting IPS who is blocking that events. In this manner, the IPS is tagging all traffic blocked and when it gets the MARS, I have to open the event to see if it's a real threat or it's just a event blocked by IPS.
  Now, all tagged traffic is matching with my inspection rule but I don't want to see more events from that rule, just log into the database, I mean, the alternate action to "drop" in a drop rule.
  Any idea?
  Thanks a lot.

  Hi Beth,
  Excuse me but I don't understand what you mean with that string. What I'm saying is there's no way to create a drop rule using a keyword. P.e. I want to drop all events from the matching rule called "Password scan" where the keyword "Administrator" is used. You can only apply an action in drop rules, and using a keyword in inspection rules.
  Sorry again if I don't understand what you mean or where apply the regex string you're talking about.
  Thanks a lot.

• Drop rule set

  Hi,
  I have only the following object (rule set) on my schema.
  OBJECT_NAME     OBJECT_TYPE
  DEV_QUEUE_R     RULE SET
  I tried to drop with with following syntax:
  exec DBMS_RULE_ADM.DROP_RULE_SET(
  rule_set_name => 'DEV1.DEV_QUEUE_R',
  delete_rules  => false);
  But following error shown:
  ORA-24170
  string.string is created by AQ, cannot be dropped directly
  Cause: This object is created by AQ, thus cannot be dropped directly
  Action: use dbms_aqadm.drop_subscriber to drop the object
  And I couldn't find the exact syntaxt of this. Can anyone help me with the exact syntax of DBMS_AQADM.DROP_SUBSCRIBER?
  Thanks.
  BANNER
  Oracle Database 11g Release 11.1.0.6.0 - 64bit Production
  PL/SQL Release 11.1.0.6.0 - Production
  CORE     11.1.0.6.0     Production
  TNS for Linux: Version 11.1.0.6.0 - Production
  NLSRTL Version 11.1.0.6.0 - Production
  Edited by: Nadvi on Jul 22, 2010 4:03 PM

  Ok, I found the solution.
  select * from user_objects;
  OBJECT_TYPE OBJECT_NAME STATUS
  ------------------------------ RULE AQ$WF_DEFERRED_QUEUE_M$1 VALID
  RULE SET AQ$WF_DEFERRED_QUEUE_M$1 INVALID
  1.Set the following event at session level:
  alter session set events '25475 trace name context forever, level 2';
  2. Drop rule:
  execute DBMS_RULE_ADM.DROP_RULE('.AQ$WF_DEFERRED_QUEUE_M$1',TRUE);
  commit;
  3.Drop rule set :
  execute DBMS_RULE_ADM.DROP_RULE_SET('AQ$WF_DEFERRED_QUEUE_M$1');
  commit;
  4. Connect as SYSTEM or SYSDBA and try to drop user again.
  drop user <user> cascade;
  Thanks

• Drop rule using keyword?

  I posted this on the Cisco MARS User group on Google, but thought it is best to cover it here as well.
  I just read that this can not be done using a keyword, but am interested if there is any other way of getting the same (or equal) result.
  Is there any way to configure a false positive drop rule based on a
  keyword in the raw message? I have a user that consistantly pushes the
  switch port interface utilization above 90% - this is normal activity
  that happens throughout the day. We get 20 - 30 email alerts per day
  on this. I would like to configure a drop rule that will just drop
  this incident if this user's interface is specified in the raw
  message. Or maybe there is another way to get the same result?

  hmmm...I think that's going to be a challenge and not likely found in a book or other documentation. If you add a "!= switch a" in the device column for an offset, the offset will not match on any events from that device regardless of the keyword criteria.
  If the device name is not in the raw message, I don't see any way around that. Assuming a very basic rule with a single offset...
  I think you'll have to modify the original offset with a "!= switch a" in device column. Then add an offset which specifically matches on that device and uses a keyword to filter out the specific port indicated in the raw message.
  There's a trick to that too, because you can't just a have a "!=" keyword. You have to first match on something and then add a "NOT" keyword which indicates the port.
  Hopefully that will get you started at least. It can get really messy with multiple offsets because you'll have to figure out where to add the offset and may even have to add multiple offsets and in the right place.

• MARS General FP Drop Rule vs. Listed Unconf. FPs

  I have a gazillion (really!) Unconfirmed False Positive events listed on that Tab in MARS. The specific event is "Windows SMB Enum Share DoS" and I created a Drop Rule for ANY of these events, with Source and Destination from my inside networks. I know all of my systems are patched against it.
  It appears my Drop Rule is working, since viewing the Sessions associated with these (clicking the "Show" link at the right of each) shows no sessions after I installed the Drop Rule.
  But I still have all of these Events in the Unconf. FP list. I would like to avoid doing the "False Positive" procedure for each, for two reasons:
  1. It will take a long time.
  2. I will also wind up with a gazillion Drop Rules, which the system will either have to process OR I'll have to go through THEM and Inactivate them.
  Any ideas?
  Paul Trivino

  Try this to prevent System Determined False Positives from displaying as incidents?
  If you confirm what was previously an unconfirmed false positive, then a
  drop rule is created. That drop rule should prevent any further incidents
  of that type. So, this shouldn't be happening. Please make sure you've
  clicked `Activate'.
  Check the related bug-id:CSCsc74104

• ADDING DROP RULES

  Hi, I added a drop rule in CSMARS, Just want to clarify it will automatically be used by CS-MARS for correlation.
  thanks and best regards

  It will be applied, but to commit the changes (in running memory) you have to click the Activate button on the top right of your screen.
  It will automatically turn red  when you make any changes in MARS (requiring activation).
  Please rate if you find the post helpful.
  Regards
  Farrukh

• MARS drop rules problem

  Hi All,
  we were receiving lots of false positive, so I've created drop rules in MARS. still it is generating incident, but I am sure drop rule should cover based on source/dest and port number. I've activated, rebooted, but still the same issue.
  any suggestion would be very appreciated.
  Alex

  did you click "activate"?

• Unable to remove Conditional Rule through deployment

  If you remove a rule in your source and try to modify your target to remove the rule, the catalog deployer will not remove it in the target.
  Trying to update an active form component from source to target by using Catalog Deployer.  
  On first delpoyement, your source (Development) has one rule.  After the first deployment, you source (Dev) and target (Prod) each have one rule.  Next, you remove the rule in your source (Dev).  When you try to deploy again, the rule will NOT be removed in your target (Prod).  It will also not be removed from the active form behaviour.
  Does anyone know a way around this without manually update your target.  Is there a way the catalog deployment can be created so it takes into account rules that were removed in the source?

  Joshua - I'm curious if you got an answer to this?  I'm having the same issue with a recent deployment.

• Remove Firewall Rule

  hi friends how i can remove specific rule in firewall by c# 

  how i can remove specific rule in firewall by c# 
  Very carefully.
  Which firewall? Don't you think if it were that easy to alter a firewall's settings that
  it would be a pretty useless defense against hackers?
  - Wayne
  C# code has to be run way past the firewall. If the attacker is in a right and execution position to disable your firewall it already failed or never was a defense in the first place. Nearly all games developers took to adding apropirate exceptions for thier
  games (so the user is not asked) to the Windows Firewall during installation.
  Of course those codes have no effect if the user has any other firewall. The only truly reliable way to get an exception set is to try to make a connection (when your programm is NOT in fullscreen mode so it prevents the user from seeing it).

• WMS dropping rules execution time.

  Hi Community!
  We're facing problem in our OEBS 12.1.3 production environment with dropping rules execution time.
  Execution can take a long time (10-15 minutes) if it started from standart interface by warehouse worker, but from the other side same query executes in few seconds in sqlplus.
  I'll be very grateful if someone helps me to find problem source.
  Kind regards.

  Well, these rules are not unique – most of them are executed repeatedly for various Entities. In whole, it is a big budget calculation model.
  It surely can be and must be optimized, but it will take some time (I started to administrate this outsource-developed Planning system not long ago).
  But the question now is not in the amount of BRs, but in the execution delay.
  I tried to run a singe rule the same way, and got _18 sec in CmdLineLauncher vs 1 sec in EAS Console_.
  Just can't get the delay reason...

• I'm trying to remove paragraph rules from paragraphs in an InDesign document, but cannot because it (incorrectly) says they're already turned off

  So, basically what a title says. I'm working on a document for my employer in which some of the formatting is already in place. As part of that formatting, InDesign is adding horizontal rules after every paragraph, and there are some paragraphs for which this would not be appropriate, particularly bulleted lists, so I'm attempting to remove them. Problem is, when I select the paragraphs and pull up the Paragraph Rules dialog, it claims that the horizontal rules area already turned off, and that I therefore cannot remove them. Does anyone know what's going on or how to fix it?

  Hi,
  Have you checked that the paragraph rule is not "Rule Below"? Rule above is switched off, but Rule below may well be on. Select it in the popup shown in your screenshot.
  Regards,
  Malcolm

• How do I remove drop shadows from the default text in the labels of a Numbers pie chart?

  I set up a pie chart in Numbers and set labels for percentage.  The default text has drop shadowss.  They do print well at the scale needed for the page.  I cannot find out how to remove these shadows for clearer printing.  Can the shadows be removed?

  Nevermind.  Found the answer in nthe side bar under "Re:how can I print the figures (text) in a chart WITHOUT a cast shadow.  I had the Font window set too narrow and it did not show the Text Shadow button in the tool bar.  Unclicking that worked.