D-Link DWL-2600AP Administrator's Manual page 91

Unified Access Point Administrator's Guide
Field
ACL Type
ACL Rule Configuration
ACL Name - ACL
Type
Rule
Action
Match Every
IPv4 ACL
Protocol
Source IP Address
Wild Card Mask
January 2015
Description
Select the type of ACL to configure:
•) IPv4
•) IPv6
•) MAC
IPv4 and IPv6 ACLs control access to network resources based on Layer 3 and Layer 4
criteria. MAC ACLs control access based on Layer 2 criteria.
Select the ACL to configure with the new rule. The list contains all ACLs added in the ACL
Configuration section.
To configure a new rule to add to the selected ACL, select New Rule. To add an existing rule
to an ACL or to modify a rule, select the rule number.
When an ACL has multiple rules, the rules are applied to the packet or frame in the order in
which you add them to the ACL. There is an implicit deny all rule as the final rule.
Specifies whether the ACL rule permits or denies an action.
•) When you select Permit, the rule allows all traffic that meets the rule criteria to enter or
exit the AP (depending on the ACL direction you select). Traffic that does not meet the
criteria is dropped.
•) When you select Deny, the rule blocks all traffic that meets the rule criteria from
entering or exiting the AP (depending on the ACL direction you select). Traffic that
does not meet the criteria is forwarded unless this rule is the final rule. Because there
is an implicit deny all rule at the end of every ACL, traffic that is not explicitly permitted
is dropped.
Indicates that the rule, which either has a permit or deny action, will match the frame or
packet regardless of its contents.
If you select this field, you cannot configure any additional match criteria. The Match Every
option is selected by default for a new rule. You must clear the option to configure other
match fields.
Select the Protocol field to use an L3 or L4 protocol match condition based on the value of
the IP Protocol field in IPv4 packets or the Next Header field of IPv6 packets.
Once you select the field, choose the protocol to match by keyword or enter a protocol ID.
Select From List
Select one of the following protocols from the list:
•) IP
•) ICMP
•) IGMP
•) TCP
•) UDP
Match to Value
To match a protocol that is not listed by name, enter the protocol ID.
The protocol ID is a standard value assigned by the IANA. The range is a number from
0–255.
Select this field to require a packet's source IP address to match the address listed here.
Enter an IP address in the appropriate field to apply this criteria.
Specifies the source IP address wildcard mask.
The wild card masks determines which bits are used and which bits are ignored. A wild card
mask of 255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates
that all of the bits are important. This field is required when Source IP Address is checked.
A wild card mask is, in essence, the inverse of a subnet mask. For example, To match the
criteria to a single host address, use a wildcard mask of 0.0.0.0. To match the criteria to a
24-bit subnet (for example 192.168.10.0/24), use a wild card mask of 0.0.0.255.
Section 8 - Configuring Client Quality of Service (QoS)
Unified Access Point Administrator's Guide
Page 91