The invention discloses a multi-level ACL chip realizing method in a WLAN system. The method includes the steps that logic output ports corresponding to CAPWAP tunnels one to one and output SSID corresponding to SSID on an AP one to one are output from packaging edition action. In addition, logicSrcPort is output from CAPWAP tunnel clauses and subclauses and is brought back to chopped CAPWAP package, and SSID is output from a terminal safety inspection table, so that parallel starting of the CAPWAP tunnels and multiple ACL search at the SSID level in the inlet-outlet direction of the chip port are supported. On the basis of chip support port ACL, two levels of ACL is additionally arranged and are used for ACL inlet and outlet direction control at the level of the CAPWAP tunnels and SSID, and therefore ACL service deployment is more flexible.