fragment filtering

From: ccie2be (ccie2be@nyc.rr.com)
Date: Tue May 10 2005 - 17:02:12 GMT-3

• Next message: Sean C: "Ways of Callback PPP/ISDN/Dialer"
• Previous message: mani poopal: "Re: igmp profile command"
• Next in thread: Bob Sinclair: "Re: fragment filtering"
• Maybe reply: Bob Sinclair: "Re: fragment filtering"
• Maybe reply: ccie2be: "RE: fragment filtering"
• Maybe reply: Bob Sinclair: "Re: fragment filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi guys,
 
I'm a bit confused about this. I've read the Doc-CD CR several times and
some other sources as well.
 
It seems that if the fragment keyword is added to the end of an acl entry,
it deals with non-initial fragments.
 
But, suppose this were the task:
 
Filter udp fragments coming in int e0 going to the DNS server.
 
Does this mean initial and non-initial fragments? IF so, how would I do
this?
 
Now, suppose I also had to filter ip fragments. Would the acl entry for
this affect the previous acl entry?
 
If possible, a couple of examples would be very helpful.
 
TIA, Tim

• Next message: Sean C: "Ways of Callback PPP/ISDN/Dialer"
• Previous message: mani poopal: "Re: igmp profile command"
• Next in thread: Bob Sinclair: "Re: fragment filtering"
• Maybe reply: Bob Sinclair: "Re: fragment filtering"
• Maybe reply: ccie2be: "RE: fragment filtering"
• Maybe reply: Bob Sinclair: "Re: fragment filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:57 GMT-3