To temporarily disable the ThreatSTOP service issue the following commands and configuration changes.
- Turn off the crontab jobs.
- Log into your Juniper via ssh or console and run:
root@SRX-210% crontab -e
The output will look similar to
- Add a pound / hash sign (#) in front of the tsupdate.sh so it looks like:
This will prevent the update script from running.
- Remove the ThreatSTOP filter from the interfaces
- First find which interfaces are protected with the ThreatSTOP service. To do so, issue the commands:
root@SRX-210% cli
root@SRX-210> show interfaces filtersWhich will bring up the list of interfaces and the filters assigned to them. The below example has the ThreatSTOP filter applied to interface ge-0/0/0.0
- Using the above example, the command
root@SRX-210> configure
root@SRX-210# delete interfaces ge-0/0/0.0 family inet filter input ThreatSTOP
root@SRX-210# commitremoves ThreatSTOP protection from you device.
- First find which interfaces are protected with the ThreatSTOP service. To do so, issue the commands:
- Turn off log upload
- You must find the name of the log file in order to deactivate it. To do so, run the commands:
root@SRX-210% cli
root@SRX-210> configure
root@SRX-210# edit system syslog
[edit system syslog]
root@SRX-210# showWhich will bring up something similar to:
- In the above example, the log file is named 12.12.12.13.log. To deactivate the log upload, deactivate the log file with the following commands:
root@SRX-210# deactivate file 12.12.12.13.log
root@SRX-210# commit - Once changes have been made, it's suggested that you save the configuration by running the command:
root@SRX-210# save TSDeactivated
- You must find the name of the log file in order to deactivate it. To do so, run the commands:
Comments