hello,

i have pix 6.2.2 and

clear access-list x counters

does not work.

Hi -

Now that's strange as I actually tried on a Lab pix running IOS 6.2.2 with cmd 'clear access-list 'acl-name' counters

Anyway you could remove the acl's from the pix onto a text-editor, and issue a 'no access-list ' as the first line of your acl on the text-editor and then in config mode paste back onto the pix, do a 'write memory' and do 'clear xlate' and this should clear ALL hit counters for the acl in question.

Best to use 'hyperterminal' to do the above.

Thanks --

Hi -

Sorry forgot to say on my other post - don't forget the access-group cmd, i.e. if you remove the inside acls then remove also the access-group cmd for the inside interface as well.

Thanks --

That advice will kill his traffic.

Also "no access-list " isn't a command.

I think you meant "no access-list ", but anyway putting that at the top of a set of access-list commands with the same id, then pasting it all in, is not a good idea. I've seen the pix lose the next few access-list commands while it processes the "no access-list". Then your access-list is different than you intended.

If you want to replace the ACL, enter the new one then change the access-group command.

Clearing the ACL counters needs to be done in config mode.

Hello,

This is a question to for 'kcook', can you tell me why 'no access-list is not a command? and also, why it will 'kill' as you say?? I'm confused.. you must know something that I don't !! Please feel free to explain...

Thanks - Jay