security firewall name <name> rule <rule-number> fragment
Defines fragmented packets for a firewall rule.
- name
- The name of a firewall rule.
- rule-number
- The numeric identifier of a rule. The identifier ranges from 1 through 9999.
- fragment
- Specifies matching for fragmented packets. This option only works for rule sets applied to bridges (l2 direction) or QoS. It does not work elsewhere, as IPv4 and IPv6 fragments are reassembled before being processed by the firewall.
Configuration mode
security {
firewall {
name name {
rule rule-number
fragment
}
}
}
Use the set form of this command to define the matching of fragmented packets within a firewall rule.
Use the delete form of this command to delete the matching of fragmented packets from a firewall rule.
Use the show form of this command to display the matching of fragmented packets from a firewall rule.