Access control lists (ACLs) are used to control network traffic flows between routers by filtering packets. Standard ACLs filter based on source IP address and block bidirectional traffic. Extended ACLs filter on source IP address, destination IP address, protocol and port, and can block traffic in one direction only. Wildcard masks are used in ACLs to specify which IP address bits must match for the ACL entry to apply.