Configuring Access Control Lists 585MAC access list actions include CoS queue assignment, mirroring,redirection to another port, and logging, as well as the usual permit and denyactions.What Are IP ACLs?IP ACLs classify for Layers 3 and 4 on IPv4 or IPv6 traffic.Each ACL is a set of up to 100 rules applied to inbound or outbound traffic.IP ACLs support logging, redirect, mirroring, and drop. The following fieldsmay be specified in the permit or deny rules.• Destination IP with wildcard mask• Destination L4 port• Every protocol or a specific protocol• IP DSCP• IP precedence• IP TOS• TCP flags• Source IP with wildcard mask• Source L4 port, with eq, ne, gt, and lt operators and ranges (IP/TCP/UDPpackets only)• Destination layer 4 port, with eq, ne, gt, and lt operators and ranges(IP/TCP/UDP packets only)What Is the ACL Redirect Function?The redirect function allows traffic that matches a permit rule to beredirected to a specific physical port or LAG instead of processed on theoriginal port. A packet that is redirected does not go through the normalforwarding process. It is sent to the redirect target port. The redirect functionand mirror function are mutually exclusive. In other words, you cannotconfigure a given ACL rule with both mirror and redirect attributes.What Is the ACL Mirror Function?ACL mirroring provides the ability to mirror traffic that matches a permitrule to a specific physical port or LAG. Mirroring is similar to the redirectfunction, except that in flow-based mirroring a copy of the permitted traffic is