Setup guide

ManualsBrandsD-Link ManualsComputer equipmentDWL-500 - 11Mb Wireless LAN PCI Network Card

201

202

203

204

205

206

207

208

209

210

Description

Packets entering the router can be marked for further processing them against the rules of firewall

chains, source or destination NAT rules, as well as for applying queuing to them.

It is also possible to mark the packets associated (including related) with the same connection as the

marked packet (in other words, to mark a connection with all related connections, you need to mark

only one packet belonging to that connection).

You may also want to change the TCP Maximum Segment Size (MSS), to a value which is your

desired MTU value less 40. The MSS can be set only for TCP SYN packets.

Type of Service

Internet paths vary in quality of service they provide. They can differ in cost, reliability, delay and

throughput. This situation imposes some tradeoffs, exempli gratia the path with the lowest delay

may be among the slowest. Therefore, the "optimal" path for a packet to follow through the Internet

may depend on the needs of the application and its user.

Because the network itself has no knowledge on how to optimize path choosing for a particular

application or user, the IP protocol provides a facility for upper layer protocols to convey hints to

the Internet Layer about how the tradeoffs should be made for the particular packet. This facility is

called the "Type of Service" facility.

The fundamental rule is that if a host makes appropriate use of the TOS facility, its network service

should be at least as good as it would have been if the host had not used this facility.

The TOS can be one of five types, each of them is an instruction to:

• low-cost - minimize monetary cost

• low-delay - minimize delay

• normal - normal service

• max-reliability - maximize reliability

• max-throughput - maximize throughput

Property Description

action (accept | passthrough; default: accept) - action to undertake if the packet matches the rule,

one of the:

• accept - accept the packet applying the appropriate attributes (marks, MSS), and no more rules

are processed in the list

• passthrough - apply the appropriate attributes (marks, MSS), and go on to the next rule

disabled (yes | no; default: no) - specifies, whether the rule is disabled or not

in-interface (name; default: all) - interface the packet has entered the router through. If the default

value all is used, it may include the local loopback interface for packets originated from the router

src-address (IP address; default: 0.0.0.0/0:0-65535) - source IP address

src-netmask (IP address; default: accept) - source netmask in decimal form x.x.x.x

src-port (integer: 0..65535; default: 0-65535) - source port number or range

• 0 - all ports from 01 to 65535

comment (text; default: "") - a descriptive comment for the rule

dst-address (IP address; default: 0.0.0.0/0:0-65535) - destination IP address

dst-netmask (IP address; default: accept) - destination netmask in decimal form x.x.x.x

dst-port (integer: 0..65535; default: 0-65535) - destination port number or range

• 0 - all ports from 1 to 65535

icmp-options (integer; default: any:any) - matches ICMP Type:Code fields