The screenshot is not complete, but -
When an outbound route is set to filter on source-caller ID, which it appears as such given the “guard” setting in your screenshot, then the privilege levels no longer play a part are grayed out. By definition you have already indicated the specific extensions that can use the rule so privilege levels are no longer applicable.
The privilege listing is a hierarchical listing of permissions that are granted to an extension when not using source caller ID filtering.
Disabled - no calling allowed.
Internal - level 1
Local - level 2
National - level 3
International - level 4
The names used are just that and while it may seem like they are suggesting a specific calling ability related to dialing patterns needed to reach local, national, etc., this not necessarily so. It depends on how you want to apply to an extension so that the extension has the privilege level to dial out or not.
International (Level 4) is the highest level and by default can use any rule that is 4, 3, 2, or 1.
National (Level 3) is the next highest and can use 3, 2, or 1, but cannot use level 4 rules.
Local can use 2 & 1, but not 3 & 4
Internal can only use 1.
So as you can see, Internal is the lowest level which means that almost anyone can use it and GS issues a warning about its use.
So, if you want people to be able to dial the rule .x to reach your listing of numbers, then they either need to be added to the source filter ID or you need to create a new rule where the permission level allows them to access the rule that allows it.