D-Link DWC-1000 User Manual 73
Section 4 - Advanced WLAN Conguration
Field Description
Source IP Wildcard Mask
Species the source IP address wildcard mask. Wildcard masks determine which bits
are used and which bits are ignored. A wildcard mask of 255.255.255.255 indicates
that no bit is important. A wildcard of 0.0.0.0 indicates that all the bits are important.
Wildcard masking for ACLs operates dierently from a subnet mask. With a subnet
mask, the mask has ones (1’s) in the bit positions that are used for the network address,
and has zeros (0’s) for the bit positions that are not used. In contrast, a wildcard mask
has (0’s) in a bit position that must be checked. A ‘1’ in a bit position of the ACL mask
indicates that the corresponding bit can be ignored. This eld is required when you
congure a source IP address.
Source L4 Port
Requires a packet’s TCP/UDP source port to match the port listed here. Complete one
of the following elds:
• Source L4 Keyword: Select the desired L4 keyword from a list of source ports on
which the rule can be based. If you select a keyword other than Other, the screen
refreshes and the Source L4 Port Number eld disappears.
• Source L4 Port Number: If the source L4 keyword is Other, enter a user-dened
Port ID by which the packets are matched to the rule.
Destination IP Address
Requires a packet’s destination port IP address to match the address listed here. Enter
an IP address in the appropriate eld. The address you entered is compared to the
packet’s destination IP address.
Destination IP Wildcard Mask Specify the IP wildcard mask to be used with the Destination IP Address value.
Destination L4 Port
Requires a packet’s TCP/UDP destination port to match the port listed here. Complete
one of the following elds:
• Destination L4 Keyword: Select the desired L4 keyword from a list of destination
ports on which the rule can be based. If you select a keyword other than Other,
the screen refreshes and the Destination L4 Port Number eld disappears.
• Destination L4 Port Number: If the destination L4 keyword is Other, enter a
user-dened Port ID by which the packets are matched to the rule. The valid
range is 0 to 65535.
Service Type
Select one of the following three Match conditions for the extended IP ACL rule. These
are the alternative ways of specifying a match condition for the same Service Type
eld in the IP header, however each uses a dierent user notation. After a selection is
made, the appropriate value can be specied:
• IP DSCP: This eld matches the packet DSCP value to the rule. Specify the IP
DiServe Code Point (DSCP) eld. The DSCP is dened as the high-order six
bits of the Service Type octet in the IP header. This is an optional conguration.
Enter an integer from 0 to 63. The IP DSCP is selected by selecting one of the
DSCP keyword values from the menu. If a value is to be selected by specifying its
numeric value, then select the ‘Other’ in the menu and a eld ‘IP DSCP Value’ will
appear where you can enter the numeric value of the DSCP.
• IP Precedence: The IP Precedence eld in a packet is dened as the high-
order three bits of the Service Type octet in the IP header. This is an optional
conguration. This eld matches the packet IP Precedence value to the rule when
checked. Enter the IP Precedence value, an integer from 0 to 7, to match. Either
the DSCP value or the IP Precedence value is used to match packets to ACLs.
• IP TOS Bits: The IP TOS eld in a packet is dened as all eight bits of the Service
Type octet in the IP header. Matches on the Type of Service bits in the IP header
when checked.
• TOS Bits: This value is a hexadecimal number from 00 to FF. Requires the bits in
a packet’s TOS eld to match the two-digit hexadecimal number entered here.