diff --git a/acls_test.go b/acls_test.go
index 5534257d..9f0432a7 100644
--- a/acls_test.go
+++ b/acls_test.go
@@ -328,6 +328,22 @@ func (s *Suite) TestPortWildcard(c *check.C) {
 	c.Assert(rules[0].SrcIPs[0], check.Equals, "*")
 }
 
+func (s *Suite) TestPortWildcardYAML(c *check.C) {
+	err := app.LoadACLPolicy("./tests/acls/acl_policy_basic_wildcards.yaml")
+	c.Assert(err, check.IsNil)
+
+	rules, err := app.generateACLRules()
+	c.Assert(err, check.IsNil)
+	c.Assert(rules, check.NotNil)
+
+	c.Assert(rules, check.HasLen, 1)
+	c.Assert(rules[0].DstPorts, check.HasLen, 1)
+	c.Assert(rules[0].DstPorts[0].Ports.First, check.Equals, uint16(0))
+	c.Assert(rules[0].DstPorts[0].Ports.Last, check.Equals, uint16(65535))
+	c.Assert(rules[0].SrcIPs, check.HasLen, 1)
+	c.Assert(rules[0].SrcIPs[0], check.Equals, "*")
+}
+
 func (s *Suite) TestPortNamespace(c *check.C) {
 	namespace, err := app.CreateNamespace("testnamespace")
 	c.Assert(err, check.IsNil)
diff --git a/tests/acls/acl_policy_basic_wildcards.yaml b/tests/acls/acl_policy_basic_wildcards.yaml
new file mode 100644
index 00000000..8e7c817f
--- /dev/null
+++ b/tests/acls/acl_policy_basic_wildcards.yaml
@@ -0,0 +1,10 @@
+---
+Hosts:
+  host-1: 100.100.100.100/32
+  subnet-1: 100.100.101.100/24
+ACLs:
+  - Action: accept
+    Users:
+      - "*"
+    Ports:
+      - host-1:*