You can change the update site in the Admin Console. Navigate to Maintenance - Updates. Select 'IPS signatures'; the update source is configurable on the bottom right-hand side.
The cron entry simply runs the script that downloads the updates; the cron entry itself does not contain the update server information. But for reference, the crontab file is located in /etc/. In order to add/modify any cron entries, use 'cf crontab' (see man cf_crontab) for more info.
Thanks for the response.
I should have added that the Admin GUI approach uses https and I's like to use the ftp protocol application. I tried changing it in the Maintenance|Update area of the Admin GUI which fails because the script "translation" to the crontab file does not accomplish this. Further, the man cf_crontab results do not point to the file location. A "find" on the command line also does not tell me where it is. There has to be a crontab file that;'s editable that can make me do two things: (1) change the update location, which the Maintenance|Update does also; and (2) change the command from https to ftp, which the Maintenance|Update does not do.
Unfortunately, there isn't; the firewall can only be configured to download the updates via HTTPS.
Perhaps KB63759 will help you. This KB explains how to download and apply signature updates when the firewall is not connected to the Internet. From CLI on the firewall, you can download the updates from a local FTP server. You should be able to write a script to do this automatically for you, then create a cron entry to run the script at specific times. Support, however, cannot assist with writing scripts.
Thanks once again. I looked at KB63759 before and indeed I'm doing what it says to do to get updates for a Sidewinder that's not connected to the Internet.
The takeaway from your reply is that with the Admin GUI it's https and nothing else. That's fine, and I was working with that assumption; and armed with KB63759 I proceeded to do so. I can use a copy command, but I need to setup a cron job, to run at specific times from a specific "internal" network location. I was using the easy way (bnecause of my limited UNIX or Sidewinder command line expertise), by taking the existing crontab file for this update and reconfiguring it; hence my opening this discussion.
What you're suggesting is that I create a new cron job. So, I'll have to start anew. I figured someone would simply say "hjere's the filename and here's the location" of the default crontab (the one that's reflected in the Maintenance|Update configuration).
1 of 1 people found this helpful
As I mentioned previously, all the crontab entry does is execute the 'cf ips download' script. This script can only be edited by using 'cf ips' and like the Admin Console, is limited to only HTTPS type connections.
After you create a script to perform the FTP download, etc., you can edit the existing crontab entry so that it executes your script instead. Or, as you mentioned, you can simply create a new crontab entry using 'cf crontab'.