Example: Blocking Fragmented ICMP Packets (CLI)
The following example shows how to configure the icmp-fragment screen to block fragmented ICMP packets originating from the zone security zone.
To block fragmented ICMP packets:
Configure the icmp-fragment screen:
user@host# set security screen ids-option icmp-fragment icmp fragmentConfigure the zone security zone:
user@host# set security zones security-zone zone screen icmp-fragment
Related Topics
- JUNOS Software Feature Support Reference for SRX Series and J Series Devices