clear access-list ipv4
To clear IPv4 access list counters, use the clear access-list ipv4 command in EXEC mode.
clear access-list ipv4 access-list name [ sequence-number | hardware { ingress | egress}] [interface type interface-path-id] [ location node-id | sequence number ]
Syntax Description
access-list-name | Name of a particular IPv4 access list. The name cannot contain a spaces or quotation marks, but can include numbers. | ||
sequence-number | [Optional] Specific sequence number with which counters are cleared for an access list. Range is 1 to 2147483644 . | ||
hardware | Identifies the access list as an access group for an interface. | ||
ingress | Specifies an inbound direction. | ||
egress | Specifies an outbound direction. | ||
interface | [Optional] Clears the interface statistics. | ||
type | Interface type. For more information, use the question mark [?] online help function. | ||
interface-path-id | Physical interface or virtual interface.
For more information about the syntax for the router, use the question mark [?] online help function. | ||
location node-id | [Optional] Clears hardware resource counters from the designated node. The node-id argument is entered in the rack/slot/module notation. | ||
sequence number | [Optional] Clears counters for an access list with a specific sequence number. Range is 1 to 2147483644 . |
Using the CLI to edit ACLs
You can use the CLI to delete individual ACEs from anywhere in an ACL, append new ACEs to the end of an ACL, and insert new ACEs anywhere within an ACL.
Named ACLs:
When you enter a new ACE in a named ACL without specifying a sequence number, the switch inserts the ACE as the last entry in the ACL.
When you enter a new ACE in a named ACL and include a sequence number, the switch inserts the ACE according to the position of the sequence number in the current list of ACEs.
Numbered ACLs: When using the access-list command to create or add ACEs to a numbered ACL, each new ACE you enter is added to the end of the current list. [This command does not offer a option for including a sequence number to enable inserting an ACE at other points in the list.] Note, however, that once a numbered list has been created, you have the option of accessing it in the same way as a named list by using the ip access-list command. This enables you to edit a numbered list in the same way that you would edit a named list. [See the next item in this list.]
You can delete any ACE from any ACL [named or numbered] by using the ip access-list command to enter the ACL's context, and then using the no command, see Deleting an ACE from an existing ACL.
Deleting the last ACE from an ACL leaves the ACL in memory. In this case, the ACL is "empty" and cannot perform any filtering tasks. [In any ACL the Implicit Deny does not apply unless the ACL includes at least one explicit ACE.]