clear firewall
Syntax
Syntax (EX Series Switches)
Release Information
Command introduced before Junos OS Release 7.4.
Command introduced in Junos OS Release 9.0 for EX Series switches.
logical-system option introduced in Junos OS Release 9.3.
log option introduced before Junos OS Release 11.4.
Description
Clear statistics about configured firewall filters.
When you clear the counters of a filter, this impacts not only the counters shown by the CLI, but also the ones tracked by SNMP2.
 | Note: The clear firewall command cannot be used to clear the Routing Engine filter counters on a backup Routing Engine that is enabled for graceful Routing Engine switchover (GRES). |
If you clear statistics for firewall filters that are applied to Trio-based DPCs and that also use the prefix-action action on matched packets, wait at least 5 seconds before you enter the show firewall prefix-action-stats command. A 5-second pause between issuing the clear firewall and show firewall prefix-action-stats commands avoids a possible timeout of the show firewall prefix-action-stats command.
Options
all | — | Clear the packet and byte counts for all filters. On EX Series switches, this option also clears the packet counts for all policer counters. |
counter counter-name | — | Clear the packet and byte counts for a filter counter that has been configured with the counter firewall filter action. |
filter filter-name | — | Clear the packet and byte counts for the specified firewall filter. |
log (all | logical-system-name) | — | Clear log entries for IPv4 firewall filters that have then log as an action. Use log all to clear all log entries or log logical-system-name to clear log entries for the specified logical system. |
logical-system logical-system-name | — | Clear the packet and byte counts for the specified logical system. |
policer counter (all | counter-id counter-index) | — | (EX8200 switches only) Clear all policer counters using the policer counter all command, or clear a specific policer counter using the policer counter counter-id counter-index command. The value of counter-index can be 0, 1, or 2. |
Required Privilege Level
clear
List of Sample Output
clear firewall allclear firewall (counter counter-name)
clear firewall (filter filter-name)
clear firewall (policer counter all) (EX8200 Switch)
clear firewall (policer counter counter-id counter-index) (EX8200 Switch)
Sample Output
clear firewall all
user@host> clear firewall all
clear firewall (counter counter-name)
user@host> clear firewall counter port-filter-counterclear firewall (filter filter-name)
user@host> clear firewall filter ingress-port-filterclear firewall (policer counter all) (EX8200 Switch)
user@switch> clear firewall policer counter
allclear firewall (policer counter counter-id counter-index) (EX8200 Switch)
user@switch> clear firewall policer counter
counter-id 0
