Manualshelf

User manual

ManualsBrandsWeidmuller ManualsComputer equipmentWI-MOD-E-G
31323334353637383940
Chapter Three Operation
Page 39 March 2010
3.12 Wireless Message Filter
When configured as a Bridge, the WI-MOD-9-E will transmit all broadcast messages appearing
at its wired Ethernet port. When the WI-MOD-9-E is configured as a Router, this does not occur.
In many cases, the intended recipient of the broadcast traffic does not lie at the opposite end of a
proposed radio link. Reducing unnecessary broadcast traffic sent over the radio link, will increase
available bandwidth for data. The WI-MOD-9-E has a filtering feature to help reduce
unnecessary wireless transmissions and enhance security.
The WI-MOD-9-E may be configured to reject or accept messages to and from certain
Addresses. To accept wireless messages from particular devices a “Whitelist” of Addresses must
be made. Alternatively to reject messages from particular devices, a “Blacklist” of Addresses
must be made. Filtering applies only to messages appearing at the wired Ethernet port of the
configured WI-MOD-9-E.
The Filter comprises of two lists: one of MAC Addresses and another listing IP protocol details.
Each list may be set as either a blacklist (to block traffic for listed devices and protocols), or as a
whitelist (to allow traffic for listed devices and protocols). The Filter operates on two rules listed
below.
1. A Blacklist has priority over a whitelist. Traffic matching detail in a blacklist will be discarded
if it also appears in a whitelist.
2. When one or both lists are whitelists, traffic must have matching detail in at least one of the
whitelists for it to be passed. Note that, as this must agree with rule 1 above, the traffic detail
must not match anything in a blacklist, if present, for it to be passed.
When configuring a Whitelist it is important to add the Addresses of all devices connected to the
WI-MOD-9-E wired Ethernet port, that communicate over the wireless link. It is particularly
important to add the Address of the configuration PC to the Whitelist. Failure to add this address
will prevent the configuration PC from making any further changes to configuration. Design of
the filter may be simplified by monitoring network traffic and forming a profile of traffic on the
wired network. Network Analysis software, such as the freely available Ethereal program, will
list broadcast traffic sent on the network.
For example, Computer B sees the computer D via Ethernet Modems C & E. The White
Filtering requires that at Modem C has computer B in its white list, Modem E has computer D in
its Whitelist. Computer A will be not be able to access Computer D, as Computer A is not
present in the Whitelist in Modem C.