Manualshelf

Command Reference Guide

ManualsBrandsHP ManualsRoutersHP 5000 Router Series
2131213221332134213521362137213821392140
142firewall packet-filter 3Com Router 5000 Family and Router 6000 Family
Command Reference
For the layer 4 matching rules in an advanced ACL to take effect, you must first
configure the
firewall fragments-inspect command on the firewall to
enable fragment inspection, making the firewall record the layer 4 information in the
first fragment of a packet to obtain complete matching information about the
non-first-fragments. In addition, you must configure the interface to filter fragments
by exactly matching all the rules in the ACL.
If the firewall enable command is not executed to enable the firewall, the
packet filter function cannot take effect even if it is configured on the interface.
Related Commands acl
display acl
firewall fragments-inspect