Cisco Cisco WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch 维护手册
ACL
ACL Rule
Cisco WAP131 and WAP351 Administration Guide
138
8
A wildcard mask is basically the inverse of a subnet mask. For example,
to match the criteria to a single host address, use a wildcard mask of
0.0.0.0. To match the criteria to a 24-bit subnet (for example, 192.168.10.0/
24), use a wildcard mask of 0.0.0.255.
to match the criteria to a single host address, use a wildcard mask of
0.0.0.0. To match the criteria to a 24-bit subnet (for example, 192.168.10.0/
24), use a wildcard mask of 0.0.0.255.
•
Source Port—Includes a source port in the match condition for the rule. The
source port is identified in the datagram header.
source port is identified in the datagram header.
-
Select From List—Choose the keyword associated with the source port
to match: ftp, ftpdata, http, smtp, snmp, telnet, tftp, www. Each of these
keywords translates into its equivalent port number.
to match: ftp, ftpdata, http, smtp, snmp, telnet, tftp, www. Each of these
keywords translates into its equivalent port number.
-
Match to Port—Enter the IANA port number to match to the source port
identified in the datagram header. The port range is 0 to 65535 and
includes three different types of ports:
identified in the datagram header. The port range is 0 to 65535 and
includes three different types of ports:
0 to 1023—Well Known Ports
1024 to 49151—Registered Ports
49152 to 65535—Dynamic and/or Private Ports
-
Mask—Enter the port mask. The mask determines which bits are used
and which bits are ignored. Only the hexadecimal digit (0 – 0xFFFF) is
allowed. 0 means the bit matters and 1 means that we should ignore this
bit.
and which bits are ignored. Only the hexadecimal digit (0 – 0xFFFF) is
allowed. 0 means the bit matters and 1 means that we should ignore this
bit.
•
Destination IP—Requires a packet's destination IP address to match the
address defined in the appropriate fields.
address defined in the appropriate fields.
-
Destination IP Address—Enter an IP address to apply this criteria.
-
Wild Card Mask—Enter the destination IP address wildcard mask. The
wildcard mask determines which bits are used and which bits are
ignored. A wildcard mask of 255.255.255.255 indicates that no bit is
important. A wildcard of 0.0.0.0 indicates that all bits are important. This
field is required when Source IP Address is selected.
wildcard mask determines which bits are used and which bits are
ignored. A wildcard mask of 255.255.255.255 indicates that no bit is
important. A wildcard of 0.0.0.0 indicates that all bits are important. This
field is required when Source IP Address is selected.
A wildcard mask is basically the inverse of a subnet mask. For example,
to match the criteria to a single host address, use a wildcard mask of
0.0.0.0. To match the criteria to a 24-bit subnet (for example, 192.168.10.0/
24), use a wildcard mask of 0.0.0.255.
to match the criteria to a single host address, use a wildcard mask of
0.0.0.0. To match the criteria to a 24-bit subnet (for example, 192.168.10.0/
24), use a wildcard mask of 0.0.0.255.
•
Destination Port—Includes a destination port in the match condition for the
rule. The destination port is identified in the datagram header.
rule. The destination port is identified in the datagram header.