Cisco Cisco ASR 5000
Firewall-and-NAT Policy Configuration Mode Commands
▀ firewall malformed-packets
▄ Command Line Interface Reference, StarOS Release 18
5118
firewall malformed-packets
This command configures Stateful Firewall action on malformed packets. In release 12.0, this command supports
ICMPv6 and IPv6 packets.
ICMPv6 and IPv6 packets.
Product
PSF
Privilege
Security Administrator, Administrator
Mode
Exec > ACS Configuration > Firewall-and-NAT Policy Configuration
active-charging service service_name > fw-and-nat policy policy_name
Entering the above command sequence results in the following prompt:
[local]host_name(config-fw-and-nat-policy)#
Syntax
firewall malformed-packets { drop | permit }
default firewall malformed-packets
default
Configures the default setting.
Default:
Default:
permit
drop
Drops malformed packets.
permit
Permits malformed packets.
Usage
Use this command to configure Stateful Firewall action on malformed packets.
For NAT-only calls, malformed packets are always permitted.
For NAT-only calls, malformed packets are always permitted.
Example
The following command specifies Stateful Firewall to drop malformed packets:
firewall malformed-packets drop