84

AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers

 

RouterOS v3 Configuration and User Guide

 

 

stp-forward-delay(time: 0..65535) - forward delay timer

stp-hello-time(time: 0..65535) - stp hello packets time

stp-max-age(time: 0..65535) - maximal STP message age

stp-msg-age(time: 0..65535) - STP message age

stp-port(integer: 0..65535) - stp port identifier stp-root-address(MAC address) - root bridge MAC address stp-root-cost(integer: 0..65535) - root bridge cost stp-root-priority(time: 0..65535) - root bridge priority

stp-sender-address(MAC address) - stp message sender MAC address stp-sender-priority(integer: 0..65535) - sender priority

stp-type(config tcn) - the BPDU type config - configuration BPDU

tcn - topology change notification

vlan-encap(802.2 arp ip ipv6 ipx rarp vlan) - the MAC protocol type encapsulated in the VLAN frame

vlan-id(integer: 0..4095) - VLAN identifier field

vlan-priority(integer: 0..7) - the user priority field

￿

Stp matchers are only valid if destination MAC address is 01:80:C2:00:00:00/FF:FF:FF:FF:FF:FF (Bridge Group address), also stp should be enabled.

ARP matchers are only valid if mac-protocol is arp or rarp VLAN matchers are only valid for vlan ethernet protocol IP-related matchers are only valid if mac-protocol is set as ipv4

802.3matchers are only consulted if the actual frame is compliant with IEEE 802.2 and IEEE 802.3 standards (note: it is not the industry-standard Ethernet frame format used in most networks worldwide!). These matchers are ignored for other packets.

4.5.8 Bridge Packet Filter

Submenu level: /interface bridge filter

Description

This section describes bridge packet filter specific filtering options, which were omitted in the general firewall description

Property Description

action (accept drop jump log mark passthrough return; default: accept) - action to undertake if the packet matches the rule, one of the:

accept - accept the packet. No action, i.e., the packet is passed through without undertaking any action, and no more rules are processed in the relevant list/chain

drop - silently drop the packet (without sending the ICMP reject message) jump - jump to the chain specified by the value of the jump-target argument log - log the packet non presente nel manual pdf

mark - mark the packet to use the mark later

passthrough - ignore this rule and go on to the next one. Acts the same way as a disabled rule, except for ability to count packets

return - return to the previous chain, from where the jump took place out-bridge(name) - outgoing bridge interface

out-interface(name) - interface via packet is leaving the bridge

4.5.9 Bridge NAT

Submenu level: /interface bridge nat

Description

This section describes bridge NAT options, which were omitted in the general firewall description

Page 84
Image 84
Allied Telesis AT-WR4500 manual Bridge Packet Filter, Bridge NAT, Submenu level /interface bridge filter