NACL
Network Access Control List
A NACL is a virtual firewall that controls inbound and outbound traffic at the SUBNET level.
Think of it as a passport control officer who can allow or disallow a packet entering or leaving your subnet.
A NACL contains a numbered list of rules. Lowest number = highest priority.
| | Security Group | NACL |
|---|---|---|
| level | instance level | subnet level |
| state | stateful | stateless (remembers nothing) |
| rules | allow rules only | allow and deny rules |
| default | deny all inbound, allow all outbound | allow all inbound and outbound traffic |
| evaluation | all rules are evaluated before deciding | rules are processed in priority order by number, starting from 100 |
Only one NACL per subnet.
By default, a NACL allows all inbound and outbound traffic.
Once a rule matches, the NACL stops and does not evaluate the remaining rules.
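The evaluation behaviour described above (ordered by rule number, first match wins, implicit deny when nothing matches, and stateless so the reply needs its own outbound rule) is modelled in this added example. It is not AWS code or part of the original note; the `Rule` class, the rule sets and the IP addresses are constructed for illustration.

```python
"""Constructed model of how a NACL evaluates its rule list (added example,
not from the original note). A NACL is stateless: every packet, including
the reply to an allowed request, is checked on its own against the rules."""
from dataclasses import dataclass
from ipaddress import ip_network, ip_address


@dataclass(frozen=True)
class Rule:
    number: int          # lower number = higher priority
    protocol: str        # "tcp", "udp" or "all"
    cidr: str            # source (inbound) or destination (outbound) range
    port_from: int
    port_to: int
    action: str          # "allow" or "deny"


def evaluate_nacl(rules, protocol, addr, port):
    """Walk rules in ascending number order; the first match decides, then stop.
    A packet matching no numbered rule hits the implicit '*' rule: deny."""
    for r in sorted(rules, key=lambda r: r.number):
        proto_ok = r.protocol == "all" or r.protocol == protocol
        cidr_ok = ip_address(addr) in ip_network(r.cidr)
        port_ok = r.port_from <= port <= r.port_to
        if proto_ok and cidr_ok and port_ok:
            return r.action          # stop processing at the first match
    return "deny"                    # the catch-all '*' rule


# Constructed rule set: allow HTTPS in from anywhere, but deny one range.
# The deny has a LOWER number than the broad allow, so it is matched first.
INBOUND = [
    Rule(100, "tcp", "0.0.0.0/0", 443, 443, "allow"),
    Rule(90, "tcp", "198.51.100.0/24", 0, 65535, "deny"),    # wins over 100
]
# Stateless: replies leaving on ephemeral ports need their own outbound rule.
OUTBOUND = [
    Rule(100, "tcp", "0.0.0.0/0", 1024, 65535, "allow"),
]


def check_request_and_reply(client_ip, client_port):
    """Return (inbound verdict, outbound verdict) for one HTTPS round trip."""
    inbound = evaluate_nacl(INBOUND, "tcp", client_ip, 443)
    outbound = evaluate_nacl(OUTBOUND, "tcp", client_ip, client_port)
    return inbound, outbound
```

Swap the numbers 90 and 100 on the two inbound rules and the denied range is allowed again, which is the "first match wins" behaviour the note describes.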