An access control list (ACL) may be implemented on a network device, such as a router, a switch, or the like. The ACL may be applied to filter traffic input to the network device. An entry included in the ACL may specify one or more match conditions and an operation (e.g., an action) to be performed when the match conditions are satisfied. The may be configured to control both inbound and outbound traffic.