Motorola WiNG 5.7.1 System Reference Manual page 655

6. If adding a new MAC Firewall
7. Define the following parameters for the MAC Firewall Rule:
Allow
Source MAC /
Destination MAC
Action
Precedence
VLAN ID
Figure 8-19 MAC Firewall Rules screen - Adding a new rule
Rule, provide a name up to 32 characters in length.
Every MAC firewall rule is made up of matching criteria rules. The action defines what to
do with the packet if it matches the specified criteria. The following actions are supported:
• Deny - Instructs the firewall to not to allow a packet to proceed to its destination.
• Permit - Instructs the firewall to allow a packet to proceed to its destination.
Enter both Source MAC and Destination MAC addresses. Access points use the source IP
address, destination MAC address as basic matching criteria. Provide a subnet mask if
using a mask.
The following actions are supported:
• Log - Events are logged for archive and analysis.
• Mark - Modifies certain fields inside the packet and then permits them. Therefore, mark
is an action with an implicit permit.
• VLAN 802.1p priority.
• DSCP bits in the IP header
• Mark, Log - Conducts both mark and log functions.
Use the spinner control to specify a precedence for this MAC firewall rule from 1 - 5000.
Rules with lower precedence are always applied first to packets.
Enter a VLAN ID representative of the shared SSID each user employs to interoperate
within the network (once authenticated by the RADIUS server). The VLAN ID can be from
1 - 4094.
8 - 31