clear access-list ipv4
To clear IPv4 access list counters, use the clear access-list ipv4 command in EXEC mode .
clear access-list ipv4 access-list name [ sequence-number | hardware { ingress | egress}] [interface type interface-path-id] [ location node-id | sequence number ]
Syntax Description
access-list-name |
Name of a particular IPv4 access list. The name cannot contain a spaces or quotation marks, but can include numbers. |
||
sequence-number |
(Optional) Specific sequence number with which counters are cleared for an access list. Range is 1 to 2147483646. |
||
hardware |
Identifies the access list as an access group for an interface. |
||
ingress |
Specifies an inbound direction. |
||
egress |
Specifies an outbound direction. |
||
interface |
(Optional) Clears the interface statistics. |
||
type |
Interface type. For more information, use the question mark (?) online help function. |
||
interface-path-id |
Physical interface or virtual interface.
For more information about the syntax for the router, use the question mark (?) online help function. |
||
location node-id |
(Optional) Clears hardware resource counters from the designated node. The node-id argument is entered in the rack/slot/module notation. |
||
sequence number |
(Optional) Clears counters for an access list with a specific sequence number. Range is 1 to 2147483646. |
Command Default
The default clears the specified IPv4 access list.
Command Modes
EXEC mode
Command History
Release |
Modification |
---|---|
Release 2.0 |
This command was introduced. |
Release 3.2 |
The range for the sequence-number argument was changed from 2147483646 to 2147483644. The command name was changed from clear ipv4 access-list to clear access-list ipv4 . |
Release 3.5.0 |
The interface keyword was added. |
Usage Guidelines
Use the clear access-list ipv4 command to clear counters for a specified configured access list. Use a sequence number to clear counters for an access list with a specific sequence number.
Use the hardware keyword to clear counters for an access list that was enabled using the ipv4 access-group command.
Use an asterisk ( *) in place of the access-list-name argument to clear all access lists.
Note |
An access list can be shared among multiple interfaces. Clearing hardware counters clears all counters for all interfaces that use the specified access list in a given direction (ingress or egress). |
Task ID
Task ID |
Operations |
---|---|
basic-services |
read, write |
acl |
read, write |
bgp |
read, write, execute |
Examples
In the following example, counters for an access list named marketing are cleared:
RP/0/RP0/CPU0:router# show access-lists ipv4 marketing
ipv4 access-list marketing
10 permit ip 192.168.34.0 0.0.0.255 any (51 matches)
20 permit ip 172.16.0.0 0.0.255.255 any (26 matches)
30 deny tcp host 172.16.0.0 eq bgp host 192.168.202.203 30 (5 matches)
RP/0/RP0/CPU0:router# clear access-list ipv4 marketing
RP/0/RP0/CPU0:router# show access-lists ipv4 marketing
ipv4 access-list marketing
10 permit ip 192.168.34.0 0.0.0.255 any
20 permit ip 172.16.0.0 0.0.255.255 any
30 deny tcp host 172.16.0.0 eq bgp host 192.168.202.203 30
In the following example, counters for an access list named acl_hw_1 in the outbound direction are cleared:
RP/0/RP0/CPU0:router# show access-lists ipv4 acl_hw_1 hardware egress location 0/2/cp0
ipv4 access-list acl_hw_1
10 permit icmp 192.168.36.0 0.0.0.255 any (251 hw matches)
20 permit ip 172.16.3.0 0.0.255.255 any (29 hw matches)
30 deny tcp any any (58 hw matches)
RP/0/RP0/CPU0:router# clear access-list ipv4 acl_hw_1 hardware egress location 0/2/cp0
RP/0/RP0/CPU0:router# show access-lists ipv4 acl_hw_1 hardware egress location 0/2/cp0
ipv4 access-list acl_hw_1
10 permit icmp 192.168.36.0 0.0.0.255 any
20 permit ip 172.16.3.0 0.0.255.255 any
30 deny tcp any any