Standard And Extended ACLs | Types of Access Control list


Access List Configuration
A standard ACL provides the ability to match traffic based on the source address of the traffic only. This is, of course, rather limiting, but in many situations is all that is required. The command syntax of a standard ACL is as follows:

router(config)#access-list access-list-number {permit | deny} {source [source-wildcard] | host hostname | any}

or

router(config)#ip access-list standard {access-list-name}
router(config-std-nacl)# [sequence-number] {permit | deny} {source [source-wildcard] | host hostname | any}

From Table 1, it can be inferred that the access-list-number parameter will be a number from 1-99 or 1300-1999. The permit or deny action determines whether matching traffic is allowed or dropped. The source parameter is the source IP network that is being matched by the ACL. The source-wildcard parameter controls which source addresses the ACL matches by masking the source with an inverse mask.

The inverse mask has long been a stumbling block for many people new to Cisco, as it adds another level of complexity on top of the subnet mask. The easiest way to calculate an inverse mask from a subnet mask is to subtract each octet from 255. For example, to match the addresses of a /26 or 255.255.255.192 network, each octet is subtracted from 255 to give 255-255 = 0 and 255-192 = 63; the result is an inverse mask of 0.0.0.63.

The host hostname parameter is used to match a specific host instead of a network. The any parameter is used to match all traffic.

The second method of configuration shown uses the named ACL configuration; this method allows some additional functionality that does not exist with the original method, including the ability to edit individual lines in an ACL. When using a numbered ACL, the whole list must be deleted and re-entered in order to make a change.
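The inverse mask calculation and source-only matching described above can be checked offline before a list is applied to a device. The following Python sketch is an added example, not part of the original page or any Cisco tool; the function names and the sample list are constructed, and it assumes the host keyword is followed by an IP address, an omitted wildcard means 0.0.0.0, entries are evaluated top-down with the first match winning, and the list ends with the implicit deny that IOS applies.

```python
import ipaddress

def wildcard_from_mask(mask: str) -> str:
    """Inverse (wildcard) mask: subtract each subnet-mask octet from 255."""
    octets = [int(o) for o in mask.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-quad mask: {mask}")
    bits = "".join(f"{o:08b}" for o in octets)
    if "01" in bits:  # a subnet mask must be contiguous ones, then zeros
        raise ValueError(f"not a contiguous subnet mask: {mask}")
    return ".".join(str(255 - o) for o in octets)

def _to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))

def parse_entry(line: str):
    """Parse '{permit|deny} {source [source-wildcard] | host addr | any}'."""
    action, *rest = line.split()
    if action not in ("permit", "deny"):
        raise ValueError(f"bad action in: {line}")
    if rest == ["any"]:
        return action, 0, 0xFFFFFFFF           # every bit is "don't care"
    if len(rest) == 2 and rest[0] == "host":
        return action, _to_int(rest[1]), 0     # every bit must match
    if len(rest) == 1:
        return action, _to_int(rest[0]), 0     # assumed default wildcard 0.0.0.0
    if len(rest) == 2:
        return action, _to_int(rest[0]), _to_int(rest[1])
    raise ValueError(f"cannot parse: {line}")

def evaluate(acl_lines, source_ip: str) -> str:
    """Return the action of the first entry matching the source address."""
    src = _to_int(source_ip)
    for line in acl_lines:
        action, net, wild = parse_entry(line)
        care = ~wild & 0xFFFFFFFF  # bits that are 0 in the wildcard are compared
        if (src & care) == (net & care):
            return action
    return "deny"  # implicit deny at the end of the list

# Constructed sample list built around the /26 example in the text
SAMPLE_ACL = [
    "deny host 192.168.10.5",
    f"permit 192.168.10.0 {wildcard_from_mask('255.255.255.192')}",
]
```

Evaluating addresses just inside and just outside the /26 boundary (192.168.10.63 and 192.168.10.64) is a quick way to confirm the wildcard covers exactly the intended range.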
