Case 3: ACL for L4 Port

For Layer4 port ACL (Access Control List), it can filter on (1) source IP address, (2) source L4 port, (3) destination IP address, (4) destination L4 port, and (5) UDP or TCP Protocol. You can select to filter on (1)~(4) for all or some specific values, but it should select exact one Protocol from UDP or TCP.

When it filters on both directional IP address and L4 port, packets coincident with both rules will take effect. In other words, it does not do filter if it only coincident with one rule.

If you want to filter only one directional IP address or L4 port, the other IP address and L4 port must be set to all zeroes. It means don‘t care portion. The detail testing (refer to MAC ACL above).