"Fragment Keyword"

From: GAURAV MADAN (gauravmadan1177@gmail.com)
Date: Tue Feb 10 2009 - 12:39:07 ARST


Hi group

I tried the "fragment" keyword today. Read some papers on this and tried
the things out.

1 thing is confusing me (maybe this is basic).
If question says "permit only non-fragmented and initial fragments"...

I have the following ACL configured:

OPTION 1
**************
Extended IP access list FRAGMENTED
    10 deny tcp any any fragments
    20 deny ip any any fragments
    30 permit ip any any

OPTION 2
**************
Extended IP access list FRAGMENTED
    10 deny ip any any fragments
    20 permit ip any any

How are these 2 different? Which one will be marked correct / incorrect?

Please put some light on this

Gaurav Madan
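
The two access lists from the post above, run through a small Python model of extended-ACL matching (an added example, not part of the original message). It assumes the documented IOS behaviour that an entry ending in "fragments" matches only non-initial fragments (fragment offset greater than zero) and covers only entries without Layer 4 ports; `Ace`, `Packet`, `evaluate` and the sample packets are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Ace:                      # one ACL entry, source/destination "any"
    seq: int
    action: str                 # "permit" or "deny"
    proto: str                  # "ip" matches every IP protocol
    fragments: bool = False     # entry ends with the "fragments" keyword

@dataclass(frozen=True)
class Packet:
    proto: str
    frag_offset: int = 0        # IP fragment offset, in 8-byte units
    more_fragments: bool = False  # IP MF flag

def matches(ace, pkt):
    if ace.proto not in ("ip", pkt.proto):
        return False
    # Assumed IOS behaviour: "fragments" matches non-initial fragments only.
    return pkt.frag_offset > 0 if ace.fragments else True

def evaluate(acl, pkt):
    """Return (sequence number of first matching entry, action)."""
    for ace in acl:
        if matches(ace, pkt):
            return ace.seq, ace.action
    return None, "deny"         # implicit deny at the end of every ACL

OPTION_1 = [Ace(10, "deny", "tcp", True), Ace(20, "deny", "ip", True),
            Ace(30, "permit", "ip")]
OPTION_2 = [Ace(10, "deny", "ip", True), Ace(20, "permit", "ip")]

# Constructed sample packets, not captured traffic.
SAMPLES = {
    "tcp unfragmented":         Packet("tcp"),
    "tcp initial fragment":     Packet("tcp", 0, True),
    "tcp non-initial fragment": Packet("tcp", 185, True),
    "tcp last fragment":        Packet("tcp", 370, False),
    "udp initial fragment":     Packet("udp", 0, True),
    "udp non-initial fragment": Packet("udp", 185, False),
}

def compare():
    """Map sample name -> (Option 1 result, Option 2 result)."""
    return {name: (evaluate(OPTION_1, p), evaluate(OPTION_2, p))
            for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, (r1, r2) in compare().items():
        print(f"{name:26} option1={r1} option2={r2}")
```

In this model both lists reach the same permit or deny action for every sample packet. Only the matching entry differs: entry 10 of Option 1 catches TCP non-initial fragments before entry 20 sees them.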
