D-Link DWL-2600AP User Manual - page 368
MAC Access Control Lists
D-Link
Unified Wired and Wireless Access System
Oct. 2015
Page 368
D-Link UWS User Manual
Logging
This field is only visible for a Deny Action. When set to True, logging is enabled
for this ACL rule (subject to resource availability in the device). If the Access
List Trap Flag is also enabled, this will cause periodic traps to be generated
indicating the number of times this rule went into effect during the current
report interval. A fixed 5 minute report interval is used for the entire system.
A trap is not issued if the ACL rule hit count is zero for the current interval.
Time Range Name
Use this field to impose a time limitation on the ACL rule. When you click
Configure
, you can select a configured time range or create a new named time
range. To configure the time range values, use the
LAN > Administration >
Time Ranges > Time Range Entry Configuration
page.
If a time range with the specified name does not exist and the ACL containing
this ACL rule is applied to an interface or bound to a VLAN, then the ACL rule
is applied immediately. If a time range with specified name exists and the ACL
containing this ACL rule is applied to an interface or bound to a VLAN, then the
ACL rule is applied when the time-range with specified name becomes active.
The ACL rule is removed when the time-range with specified name becomes
inactive.
Assign Queue ID
This field is only visible when the Action is Permit. Specifies the hardware
egress queue identifier used to handle all packets matching this ACL rule. Click
Configure, and then enter an identifying number from 0 to 6 in the
appropriate field. Click
Submit
or
Cancel
to return to the Rule Configuration
page.
Match Every
Requires a packet to match the criteria of this ACL. Click
Configure
, and then
select True or False from the dropdown list. Then click
Submit
or
Cancel
to
return to the Rule Configuration page. Match Every is exclusive to the other
filtering rules, so if Match Every is True, the other rules on the screen do not
appear. False indicates that it is not mandatory for every packet to match the
selected ACL Rule.
Mirror Interface
This field is only visible when the Action is Permit. Specifies the specific egress
interface where the matching traffic stream is copied in addition to being
forwarded normally by the device.
CoS
Specifies the 802.1p user priority to compare against an Ethernet frame.
Requires a packet’s class of service (CoS) to match the CoS value listed here.
Click
Configure
, and then enter a CoS value between 0 and 7 to apply this
criteria. Click
Submit
or
Cancel
to return to the Rule Configuration page.
Destination MAC Address
Requires an Ethernet frame’s destination port MAC address to match the
address listed here. Click
Configure
, and then enter a MAC address in the
appropriate field. The valid format is xx_xx_xx_xx_xx_xx. The BPDU keyword
may be specified using a Destination MAC Address of 01:80:C2:xx:xx:xx. Click
Submit
or
Cancel
to return to the Rule Configuration page.
Destination MAC Mask
If desired, enter the MAC Mask associated with the Destination MAC to
match. The MAC address mask specifies which bits in the destination MAC to
compare against an Ethernet frame. Use F’s and zeros in the MAC mask, which
is in a wildcard format. An F means that the bit is not checked, and a zero in a
bit position means that the data must equal the value given for that bit. For
example, if the MAC address is aa_bb_cc_dd_ee_ff, and the mask is
00_00_ff_ff_ff_ff, all MAC addresses with aa_bb_xx_xx_xx_xx result in a
match (where
x
is any hexadecimal number). Click
Submit
or
Cancel
to return
to the Rule Configuration page.
Table 215: MAC ACL Rule Configuration Fields (Cont.)
Field
Description