switch(config)# ip access-list lab-acl
switch(config-acl)# fragments permit-all
This example shows the lab-acl IPv4 ACL, which includes the fragments command. The fragments command
appears at the beginning of the ACL for convenience, but the device permits noninitial fragments only after
they do not match all other explicit rules in the ACL.
switch(config-acl)# show ip access-lists lab-acl
IP access list lab-acl
fragments permit-all
10 permit tcp 10.0.0.0/8 172.28.254.254/24 eq tacacs
20 permit tcp 10.0.0.0/8 172.28.254.154/24 eq tacacs
30 permit tcp 10.0.0.0/8 172.28.254.54/24 eq tacacs
Related Commands
DescriptionCommand
Configures a deny rule in an IPv4 ACL.deny (IPv4)
Configures a deny rule in an IPv6 ACL.deny (IPv6)
Configures a permit rule in an IPv4 ACL.permit (IPv4)
Configures a permit rule in an IPv6 ACL.permit (IPv6)
Displays all IPv4 ACLs or a specific IPv4 ACL.show ip access-list
Displays all IPv6 ACLs or a specific IPv6 ACL.show ipv6 access-list
Cisco Nexus 7000 Series Security Command Reference
342
F Commands
fragments
To Next Page
Loading...
