System and method for access control list conversion
Abstract:
A method and apparatus of a device that converts an ordered ACL to an unordered ACL is described. In an exemplary embodiment, a network element receives an ordered access control list that includes a set of ordered rules, where each of the ordered rules includes an address range and an action. Furthermore, if two address ranges for two of the ordered rules overlap, a corresponding action of a preceding rule overrules a corresponding action of a subsequent rule for an overlapping range of addresses. The network element further converts the ordered access control list to an unordered access control list, where the unordered access control list includes a plurality of independent rules and each of the plurality of independent rules includes a corresponding address range that is non-overlapping with other address ranges of the plurality of independent rules. In addition, the network element stores the unordered access control list, where the unordered access control list is used by the network element to make forwarding decisions for processing network data.
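As an added illustration (not the patent's own code or its claimed method), one way to obtain such an unordered list is to cut the address space at every rule boundary and let the first matching ordered rule decide each resulting segment. The inclusive integer ranges, the function names and the sample rules on the documentation prefix 192.0.2.0/24 are assumptions constructed for this example.

```python
from ipaddress import ip_network

def net_range(cidr):
    """Return (first, last) integer addresses of a CIDR block."""
    n = ip_network(cidr)
    return int(n.network_address), int(n.broadcast_address)

def first_match(ordered, addr):
    """Ordered semantics: the earliest rule covering addr decides."""
    for lo, hi, action in ordered:
        if lo <= addr <= hi:
            return action
    return None  # no rule covers addr

def to_unordered(ordered):
    """Convert ordered (lo, hi, action) rules to disjoint ranges."""
    # Every rule start, and the address after every rule end, is a cut point.
    cuts = sorted({lo for lo, _, _ in ordered} | {hi + 1 for _, hi, _ in ordered})
    out = []
    for start, nxt in zip(cuts, cuts[1:]):
        # Between two cut points the set of covering rules is constant,
        # so the decision at `start` holds for the whole segment.
        action = first_match(ordered, start)
        if action is None:
            continue  # gap that no ordered rule covers stays unmatched
        end = nxt - 1
        if out and out[-1][2] == action and out[-1][1] + 1 == start:
            out[-1] = (out[-1][0], end, action)  # merge adjacent, same action
        else:
            out.append((start, end, action))
    return out

def lookup(unordered, addr):
    """Order-independent lookup: at most one range can contain addr."""
    hits = [a for lo, hi, a in unordered if lo <= addr <= hi]
    assert len(hits) <= 1, "ranges overlap"
    return hits[0] if hits else None

# Constructed sample ACL: rule 1 overrides part of rule 2, and rule 3 is
# fully shadowed by the two rules that precede it.
ORDERED = [
    (*net_range("192.0.2.64/26"), "deny"),
    (*net_range("192.0.2.0/24"), "permit"),
    (*net_range("192.0.2.0/25"), "deny"),
]

if __name__ == "__main__":
    for lo, hi, action in to_unordered(ORDERED):
        print(lo, hi, action)
```

The shadowed third rule contributes nothing to the output, and the result gives the same decision as the ordered list for every address regardless of the order in which its rules are stored.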