|
|
|
Wildcards are a template that govern which part of an IP address is significant when evaluating a rule. When you create a rule based on source or destination IP address, you must also specify the Wildcard.
Wildcards are in principal, the same as a subnet mask. The differences are you invert the mask's bits and there is no requirement of contiguous bits. For Example: a decimal wildcard of 0.255.0.255 is allowed.
For example: If you want to create a rule that blocks all traffic on the 192.168.24.0 (subnet mask 255.255.255.0) network, you would specify a Wildcard of 0.0.0.255 in the rule.
If you wanted to block traffic from a specific host whose IP address was 192.168.24.143 (subnet mask 255.255.255.0) you would specify a Wildcard of 0.0.0.0. This mask "tells" the supervisor to evaluate the entire IP address when evaluating a packet against the rule.
|
|
|