Access control lists (ACLs) - open-switch/opx-docs GitHub Wiki

ACLs are flexible, hardware-accelerated sets of rules that match packets using packet header criteria and perform actions on the selected packets. You can configure an ACL on NPU-connected data ports only by using the CPS API.

OPX does not support ACL configuration using Linux commands or an open source application.

ACL support includes:

• Ingress and egress ACL rules
• Matching packet header fields, including MAC address, Ethertype, IP address, IP protocol, TCP/UDP port numbers, and In port
• Packet actions, including drop, trap/forward to the CPU, redirect to port, change packet fields, and meter
• Grouping ACL rules to enable multiple rule match for a single packet