Access lists, often abbreviated as ACLs, are constructs made up of a list of entries. Each entry matches specific characteristics of an entity such as a packet, and the ACL acts on the matching packets by either permitting or denying them.

ACLs are used to perform two fundamental operations:

  • Filtering - where matched packets are either permitted or denied
  • Classification - where matched packets are selected and treated in a different manner

ACLs operate at Layers 3 and 4 of the OSI model, and use IPv4 or IPv6 addresses as well as TCP or UDP ports to match traffic.
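The sketch below is an added example, not taken from any vendor's implementation. It shows one list of entries matched on Layer 3 and Layer 4 fields and then used for both operations, filtering and classification. The names `Packet`, `Entry`, `match`, `filter_packet` and `classify` are hypothetical, and two behaviours are assumptions the text above does not state: entries are evaluated top-down with the first match winning, and a packet that matches no entry is denied.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                    # "tcp" or "udp"
    dport: int

@dataclass(frozen=True)
class Entry:
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp" or "ip" (any protocol)
    src: str                      # CIDR prefix, IPv4 or IPv6
    dst: str
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, p: Packet) -> bool:
        src_net, dst_net = ipaddress.ip_network(self.src), ipaddress.ip_network(self.dst)
        # Membership is False when address families differ (IPv4 vs IPv6).
        return (ipaddress.ip_address(p.src) in src_net
                and ipaddress.ip_address(p.dst) in dst_net
                and self.proto in ("ip", p.proto)
                and self.dport in (None, p.dport))

def match(acl, p):
    """Action of the first matching entry (assumed first-match), or None."""
    for entry in acl:
        if entry.matches(p):
            return entry.action
    return None

def filter_packet(acl, p) -> bool:
    # Filtering: forward only on an explicit permit (assumed implicit deny).
    return match(acl, p) == "permit"

def classify(acl, p, matched_class="priority", default_class="best-effort"):
    # Classification: a permit selects the packet for different treatment;
    # everything else keeps the default treatment and is not dropped.
    return matched_class if match(acl, p) == "permit" else default_class

# Constructed sample ACL using documentation address ranges.
ACL = [
    Entry("deny",   "tcp", "192.0.2.0/24",  "198.51.100.10/32",   23),
    Entry("permit", "tcp", "192.0.2.0/24",  "198.51.100.10/32",   443),
    Entry("permit", "udp", "2001:db8::/32", "2001:db8:1::53/128", 53),
]
```

The same `match` result drives both uses: `filter_packet` turns a non-permit into a drop, while `classify` only changes how the packet is treated.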


