This module defines configuration and operational state data for network access control lists (i.e., filters, rules, etc.). ACLs are organized into ACL sets, with each set containing one or more ACL entries. ACL sets are identified by a unique name, while each entry within a set is assigned a sequence-id that determines the order in which the ACL rules are applied to a packet.
Individual ACL rules specify match criteria based on fields in the packet, along with an action that defines how matching packets should be handled. Entries have a type that indicates the type of match criteria, e.g., MAC layer, IPv4, IPv6, etc.