1)CISCO IOS Content Filteringневижу чем сиськи(Cisco) тут погут помочь
2)IOS
Код: Выделить всё
access-list 102 deny icmp any any fragments
access-list 102 permit icmp any any echo-request
access-list 102 permit icmp any any time-exceeded
access-list 102 permit icmp any any packet-too-big
access-list 102 deny icmp any any
access-list 2001 remark Specifically block ICMP fragments
access-list 2001 deny icmp any any fragments
access-list 2001 remark Permit inbound ping.
access-list 2001 permit icmp any any echo
access-list 2001 remark Permit inbound ping response.
access-list 2001 permit icmp any any echo-reply
access-list 2001 remark Permit Path MTU to function.
access-list 2001 permit icmp any any packet-too-big
access-list 2001 remark Permit time exceeded messages for traceroute and loops.
access-list 2001 permit icmp any any time-exceeded
access-list 2001 remark And explicitly block all other ICMP packets
access-list 2001 deny icmp any any
access-list 2001 remark Permit everything else (or add additional ACLs here).
access-list 2001 permit ip any any