• Author : Kartic Bhargav

 
 

IP Packet length matching in Ingress Security ACLs

Similar to L4 ports, ACL rules can be configured to filter ingress packets based on their IP length (present in the IPv4 header). The match criteria consist of lookups on the IP length field. The supported range operators are as follows: any – all lengths eq length1, length2 … lengthn – A list of lengths. Max list size of 10 numbers gt length – The set of lengths with numbers larger than the listed length lt length – The set of lengths with numbers smaller than the listed length range length1 length2 – The set of lengths whose numbers are...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: