Hi Kings, I came across the thread you started sometime in 2010. Your problem was with filtering ICMP with a specific data pattern. The stumbling point was the size after the offset in the access-control class-map:
Your original class definition was as follows: class-map type access-control match-any ac match start ICMP payload-start offset 0 size 1500 string "FFFF" class-map type stack match-all sc match field IP protocol eq 1 next ICMP Then you said that the size should be 2 because FFFF is two bytes. Have you tested it and it worked for you? I'm trying to do exactly the same and it doesn’t seem to work class-map type access-control match-all ICMP-FILTER-CM match start ICMP payload-start offset 0 size 2 string "FFFF" class-map type stack match-all IP-ICMP-STACK-CM match field IP protocol eq 1 next ICMP policy-map type access-control ICMP-FILTER-PM class ICMP-FILTER-CM drop policy-map type access-control FPM-IF-PM class IP-ICMP-STACK-CM service-policy ICMP-FILTER-PM Interface Fa0/0 service-policy type access input FPM-IF-PM Eugene
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
