The issue is due to hardware limitations. It is not possible to enter more than 75 Access Control Entries (ACEs) in the first eight ports.
When applying ACLs to physical interfaces, follow these configuration guidelines:
Only one ACL with these limitations can be attached to an interface.
Gigabit Ethernet ports support up to 100 ACEs per one ACL per port.
Fast Ethernet ports support up to 75 ACEs per one ACL across a range of eight Fast Ethernet ports. This means that ports 1 to 8 support a combined total of 75 ACEs, ports 9 to 16 support a combined total of 75 ACEs, and so on.
All ACEs in an ACL must have the same user-defined mask. However, ACEs can have different rules that use the same mask.
The Catalyst 2950 Switch does not support these Cisco IOS® router ACL-related features:
Non-IP protocol ACLs
ACL support on the outbound direction
Inbound and outbound rate limiting (except with Quality of Service [QoS] ACLs)
IP packets that have a header length of less than 5 bytes
Dynamic ACLs (except for certain specialized dynamic ACLs used by the switch clustering feature)
Internet Control Message Protocol (ICMP)-based filtering