D-Link DWS-4026 Product Manual - Page 348
Table 219, IP ACL Rule Configuration Fields Cont., Field, Description, Assign Queue ID
UPC - 790069325533
View all D-Link DWS-4026 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 348 highlights
D-Link Unified Access System Software User Manual 12/10/09 Field Rule Rule ID Action Logging Assign Queue ID Mirror Interface Match Every Protocol Keyword Protocol Number Source IP Address Table 219: IP ACL Rule Configuration Fields (Cont.) Description Select an existing Rule ID to modify or select Create Rule to configure a new ACL Rule. New rules cannot be created if the maximum number of rules has been reached. For each rule, a packet must match all the specified criteria in order to be true against that rule and for the specified rule action (Permit/Deny) to take place. This field is only available if you select Create Rule from the Rule field. Enter a new Rule ID which is a whole number in the range of 1 to 12 that will be used to identify the rule. After you click Submit, the new ID is created and you can configure the rule settings. The number of rules you can create in an ACL is platform dependent. Selects the ACL forwarding action. Click Configure to change the action. Select the desired action from the dropdown menu, and then click Submit or Cancel to return to the Rule Configuration page. Possible values are; • Permit. Forwards packets which meet the ACL criteria. • Deny. Drops packets which meet the ACL criteria. This field is only visible for a Deny Action. When set to True, logging is enabled for this ACL rule (subject to resource availability in the device). If the Access List Trap Flag is also enabled, this will cause periodic traps to be generated indicating the number of times this rule went into effect during the current report interval. A fixed 5 minute report interval is used for the entire system. A trap is not issued if the ACL rule hit count is zero for the current interval. This field is only visible when the Action is Permit. Use this field to specify the hardware egress queue identifier used to handle all packets matching this AP ACL Rule. Click Configure, and then enter an identifying queue number (0 to 7) in the appropriate field. Click Submit or Cancel to return to the Rule Configuration page. This field is only visible when the Action is Permit. Use this field to specify the specific egress interface where the matching traffic stream is copied in addition to being forwarded normally by the device. Click Configure, and then select an interface from the dropdown list. Packets that meet the rule are mirrored on the interface you select. Click Submit or Cancel to return to the Rule Configuration page. Requires a packet to match the criteria of this ACL. Click Configure, and then select True or False from the dropdown list. Then click Submit or Cancel to return to the Rule Configuration page. True signifies that all packets will match the selected IP ACL and Rule and will be either permitted or denied. Match Every is exclusive to the other filtering rules, so if Match Every is True, the other rules on the screen do not appear. To configure specific match criteria for the rule, remove the rule and re-create it, or reconfigure 'Match Every' to 'False' for the other match criteria to be visible. Specify that a packet's IP protocol is a match condition for the selected IP ACL rule. The possible values are ICMP, IGMP, IP, TCP, and UDP. Either the 'Protocol Keyword' field or the 'Protocol Number' field can be used to specify an IP protocol value as a match criteria. Click Configure, and then select the protocol keyword from the dropdown list. Click Submit or Cancel to return to the Rule Configuration page. Specify that a packet's IP protocol is a match condition for the selected IP ACL rule and identify the protocol by number. The protocol number is a standard value assigned by IANA and is interpreted as a integer from 0 to 255. Either the 'Protocol Number' field or the 'Protocol Keyword' field can be used to specify an IP protocol value as a match criteria. Requires a packet's source port IP address to match the address listed here. Click Configure, and then enter an IP Address in the appropriate field using dotted-decimal notation. The address you enter is compared to a packet's source IP Address. You also configure the Source IP Mask on the page. Page 348 Configuring Access Control Lists Document 34CSFP6XXUWS-SWUM100-D7