D-Link DWC-1000 User Manual
73
Section 4 - Advanced WLAN Configuration
Field
Description
Source IP Wildcard Mask
Specifies the source IP address wildcard mask. Wildcard masks determine which bits
are used and which bits are ignored. A wildcard mask of 255.255.255.255 indicates
that no bit is important. A wildcard of 0.0.0.0 indicates that all the bits are important.
Wildcard masking for ACLs operates differently from a subnet mask. With a subnet
mask, the mask has ones (1’s) in the bit positions that are used for the network address,
and has zeros (0’s) for the bit positions that are not used. In contrast, a wildcard mask
has (0’s) in a bit position that must be checked. A ‘1’ in a bit position of the ACL mask
indicates that the corresponding bit can be ignored. This field is required when you
configure a source IP address.
Source L4 Port
Requires a packet’s TCP/UDP source port to match the port listed here. Complete one
of the following fields:
• Source L4 Keyword
: Select the desired L4 keyword from a list of source ports on
which the rule can be based. If you select a keyword other than Other, the screen
refreshes and the
Source L4 Port Number
field disappears.
• Source L4 Port Number
: If the source L4 keyword is Other, enter a user-defined
Port ID by which the packets are matched to the rule.
Destination IP Address
Requires a packet’s destination port IP address to match the address listed here. Enter
an IP address in the appropriate field. The address you entered is compared to the
packet’s destination IP address.
Destination IP Wildcard Mask
Specify the IP wildcard mask to be used with the Destination IP Address value.
Destination L4 Port
Requires a packet’s TCP/UDP destination port to match the port listed here. Complete
one of the following fields:
• Destination L4 Keyword:
Select the desired L4 keyword from a list of destination
ports on which the rule can be based. If you select a keyword other than Other,
the screen refreshes and the
Destination L4 Port Number
field disappears.
• Destination L4 Port Number
: If the destination L4 keyword is Other, enter a
user-defined Port ID by which the packets are matched to the rule. The valid
range is 0 to 65535.
Service Type
Select one of the following three Match conditions for the extended IP ACL rule. These
are the alternative ways of specifying a match condition for the same Service Type
field in the IP header, however each uses a different user notation. After a selection is
made, the appropriate value can be specified:
• IP DSCP
: This field matches the packet DSCP value to the rule. Specify the IP
DiffServe Code Point (DSCP) field. The DSCP is defined as the high-order six
bits of the Service Type octet in the IP header. This is an optional configuration.
Enter an integer from 0 to 63. The IP DSCP is selected by selecting one of the
DSCP keyword values from the menu. If a value is to be selected by specifying its
numeric value, then select the ‘Other’ in the menu and a field ‘IP DSCP Value’ will
appear where you can enter the numeric value of the DSCP.
• IP Precedence:
The IP Precedence field in a packet is defined as the high-
order three bits of the Service Type octet in the IP header. This is an optional
configuration. This field matches the packet IP Precedence value to the rule when
checked. Enter the IP Precedence value, an integer from 0 to 7, to match. Either
the DSCP value or the IP Precedence value is used to match packets to ACLs.
• IP TOS Bits
: The IP TOS field in a packet is defined as all eight bits of the Service
Type octet in the IP header. Matches on the Type of Service bits in the IP header
when checked.
• TOS Bits
: This value is a hexadecimal number from 00 to FF. Requires the bits in
a packet’s TOS field to match the two-digit hexadecimal number entered here.