Cisco Cisco Packet Data Gateway (PDG) Fehlerbehebungsanleitung
ACS Rulebase Configuration Mode Commands
▀ firewall max-ip-packet-size
▄ Cisco ASR 5000 Series Command Line Interface Reference
OL-22947-02
firewall max-ip-packet-size
This command configures the maximum IP packet size (after IP reassembly) allowed over firewall.
Important:
In StarOS 8.0, this command is available in the ACS Configuration Mode. In StarOS 8.1 and StarOS
8.3, use this command for Rulebase-based Firewall-and-NAT configuration. In StarOS 8.1 and StarOS 9.0 and later, for
Policy-based Firewall-and-NAT configuration, this command is available in the Firewall-and-NAT Policy
Configuration Mode.
Policy-based Firewall-and-NAT configuration, this command is available in the Firewall-and-NAT Policy
Configuration Mode.
Product
FW
Privilege
Security Administrator, Administrator
Syntax
Configures the default maximum IP packet size configuration.
Default: 65535 bytes (for both ICMP and non-ICMP)
Default: 65535 bytes (for both ICMP and non-ICMP)
Specifies the maximum packet size.
must be an integer from 30000 through 65535.
Specifies the transport protocol:
: Configuration for ICMP protocol.
: Configuration for protocols other than ICMP.
Usage
Use this command to configure the maximum IP packet size allowed for ICMP and non-ICMP packets to
prevent packet flooding attacks to the host. Packets exceeding the configured size will be dropped for ―Jolt
Attack‖ and ―Ping-Of-Death Attack‖.
prevent packet flooding attacks to the host. Packets exceeding the configured size will be dropped for ―Jolt
Attack‖ and ―Ping-Of-Death Attack‖.
Example
The following command allows a maximum packet size of
The following command allows a maximum packet size of
for ICMP protocol: