Руководство По Устранению Ошибки для Cisco Cisco Packet Data Interworking Function (PDIF)
ACS Configuration Mode Commands
firewall max-ip-packet-size ▀
Cisco ASR 5000 Series Command Line Interface Reference ▄
OL-22947-02
firewall max-ip-packet-size
This command configures the maximum IP packet size allowed over Stateful Firewall.
Important:
In StarOS 8.1 and later releases, for Rulebase-based Stateful Firewall this command is available in
the ACS Rulebase Configuration Mode, and for Policy-based Stateful Firewall in the Firewall-and-NAT Policy
Configuration Mode. In StarOS 8.3, this command is available in the ACS Rulebase Configuration Mode.
Configuration Mode. In StarOS 8.3, this command is available in the ACS Rulebase Configuration Mode.
Product
FW
Privilege
Security Administrator, Administrator
Syntax
Configures the default maximum IP packet size setting.
Default: 65535 bytes (for both ICMP and non-ICMP)
Default: 65535 bytes (for both ICMP and non-ICMP)
Specifies the maximum packet size.
must be an integer from 30000 through 65535.
Specifies the transport protocol:
: Configuration for ICMP protocol.
: Configuration for protocols other than ICMP.
Usage
Use this command to configure the maximum IP packet size allowed for ICMP and non-ICMP packets to
prevent packet flooding attacks to the host. Packets exceeding the configured size will be dropped for ―Jolt
Attack‖ and ―Ping-Of-Death Attack‖.
prevent packet flooding attacks to the host. Packets exceeding the configured size will be dropped for ―Jolt
Attack‖ and ―Ping-Of-Death Attack‖.
Example
The following command allows a maximum packet size of
The following command allows a maximum packet size of
for ICMP protocol: