Cisco Cisco Packet Data Interworking Function (PDIF)
Firewall-and-NAT Policy Configuration Mode Commands
▀ firewall validate-ip-options
▄ Command Line Interface Reference, StarOS Release 16
4996
firewall validate-ip-options
This command enables / disables the Stateful Firewall validation of IP options for errors.
Product
PSF
Privilege
Security Administrator, Administrator
Mode
Exec > ACS Configuration > Firewall-and-NAT Policy Configuration
active-charging service service_name > fw-and-nat policy policy_name
Entering the above command sequence results in the following prompt:
[local]host_name(config-fw-and-nat-policy)#
Syntax
[ default | no ] firewall validate-ip-options
default
Configures the default setting.
Default: Disabled. Same as
Default: Disabled. Same as
no firewall validate-ip-options
no
Disables validation of IP options.
Usage
Use this command to enable / disable Stateful Firewall validation of IP options. When enabled, Stateful
Firewall will drop packets with IP option errors.
For NAT calls, validation of IP Options is disabled.
Firewall will drop packets with IP option errors.
For NAT calls, validation of IP Options is disabled.
Example
The following command enables validation of IP options:
firewall validate-ip-options