ip access-list fragments

OcNOS-RON : System Management Guide : System Management Command Reference : Access Control List Commands (XGS) : ip access-list fragments

Use this command to configure access list to deny or permit all the IP fragmented packets.

Use the no form of this command to remove an ACL specification.

Note: Configuring same filter again with change of sequence number or change of action will result in update of sequence number or filter action.

Command Syntax

(<1-268435453>|) fragments (deny-all|permit-all) (log|) (sample|)

no (<1-268435453>|) fragments (deny-all|permit-all) (log|) (sample|)

Parameters

deny-all

Drop the packet.

permit-all

Accept the packet.

<1-268435453>

IPv4 ACL sequence number.

fragments

Check non-initial.

log

Log the packets matching the filter (in-direction only).

sample

Sample the packets matching the filter (in-direction only).

Command Mode

IP access-list mode

Applicability

This command was introduced before OcNOS version 1.3.

Examples

#configure terminal

(config)#ip access-list mylist

(config-ip-acl)#fragments deny-all

(config-ip-acl)#end

Last modified date: 08/28/2023