If you have spent any time around Cisco networking devices, you have probably heard about ACLs or Access Control Lists.
To know how an ACL works, we first need to know exactly what an ACL is:
An ACL controls what types of packets to allow, what types of packets to discard, or both.
It is also worth noting that there is another type of ACL, which is called Extended Access Control List. These lists offer more functionality than standard ACLs, however for this article we will be focusing on standard ACLs.
A standard ACL can either be applied in the incoming direction (entering the a router interface), or in the outgoing direction (leaving a router interface).
All ACL rules start with the keyword permit or deny. In a standard ACL, this keyword is then followed by the source address then the wildcard mask.
Using this syntax, a rule would look like this:
permit 192.168.1.0 0.0.0.255
This permits any packet that has a source IP address (in the IP Header) in the 192.168.1.0/24 subnet. You can also specify a single IP address, as well as a range of IPs, like in the example above.
For further reading check out Cisco’s documentation on ACLs.