The fragment-reassemble user-configure command configures user-defined items for the fragment reassembly function.
The undo fragment-reassemble user-configure command cancels the configuration of user-defined items for the fragment reassembly function.
By default, all user-defined items of the fragment reassembly function are disabled.
fragment-reassemble user-configure { defense-check | pass-through }
undo fragment-reassemble user-configure { defense-check | pass-through }
| Parameter | Description | Value |
|---|---|---|
| defense-check | Indicates fragment attack defense. | - |
| pass-through | Indicates the pass through mode. | - |
Usage Scenario
After the pass through mode is enabled (using the fragment-reassemble user-configure pass-through command), in some special fragment traffic scenarios (for example, the fragments completely overlap, and the overlapped part has the same content), the system will regard the traffic as abnormal traffic and will not reassemble the fragments. If the fragment attack defense function has been enabled (using the fragment-reassemble user-configure defense-check command), the abnormal fragments will be discarded. If the fragment attack defense function has not been enabled, the system will forward the fragments. After the pass through mode is disabled, the system assembles the fragments based on the normal processing flow.
Prerequisites
Before running this command, you must run the defence engine enable command to enable the IAE.