ip access-list fragments
Use this command to configure access list to deny or permit all the IP fragmented packets.
Use the no form of this command to remove an ACL specification.
Configuring same filter again with change of sequence number or change of action will result in update of sequence number or filter action.
Command Syntax
Copy
(<1-268435453>|) fragments (deny-all|permit-all) (log|) (sample|)
no (<1-268435453>|) fragments (deny-all|permit-all) (log|) (sample|)Parameters
deny-all
Drop the packet.
permit-all
Accept the packet.
<1-268435453>
IPv4 ACL sequence number.
fragments
Check non-initial.
log
Log the packets matching the filter (in-direction only).
sample
Sample the packets matching the filter (in-direction only).
Command Mode
IP access-list mode
Applicability
This command was introduced before OcNOS version 1.3
Examples
Copy
#configure terminal
(config)#ip access-list mylist
(config-ip-acl)#fragments deny-all
(config-ip-acl)#end