🌐 Networking Intermediate

What are ACLs (Access Control Lists)?

Answer

ACLs (Access Control Lists) are ordered lists of rules on a router or firewall that permit or deny traffic based on criteria like source/destination IP, protocol, and port. Each rule is evaluated sequentially — when a match is found, the action (permit/deny) is taken and processing stops. If no rule matches, an implicit deny-all drops the packet. Types: Standard ACLs (filter based on source IP only — simple). Extended ACLs (filter based on source/destination IP, protocol, port — more powerful). Cisco example: access-list 101 deny tcp 192.168.1.0 0.0.0.255 any eq 23 (block Telnet from subnet). ACL placement: place standard ACLs close to the destination (they only filter by source, so you do not want to block traffic too early); place extended ACLs close to the source (filter early, reduce unnecessary traffic). Modern firewalls use stateful inspection beyond simple ACLs.