Operation Manual
Security ACL Commands 15 – 391
15
Security ACL Commands
Use security ACL commands to configure and monitor security access control lists (ACLs).
Security ACLs filter packets to restrict or permit network usage by certain users or traffic types,
and can assign to packets a class of service (CoS) to define the priority of treatment for packet
filtering.
(Security ACLs are different from the location policy on an MX, which helps you locally control
user access. For location policy commands, see Chapter , “AAA Commands,” on page 9-147.)
This chapter presents security ACL commands alphabetically. Use the following table to locate
commands in this chapter based on their use.
clear security acl
Clears a specified security ACL, an access control entry (ACE), or all security ACLs, from the edit
buffer. When used with the command commit security acl, clears the ACE from the running
configuration.
Syntax
clear security acl {acl-name | all} [editbuffer-index]
Defaults
None.
Access
Enabled.
Create Security ACLs set security acl on page 15-395
show security acl editbuffer on page 15-402
show security acl info on page 15-404
show security acl on page 15-402
clear security acl on page 15-391
Commit Security ACLs commit security acl on page 15-394
rollback security acl on page 15-395
Map Security ACLs set security acl map on page 15-400
show security acl map on page 15-405
clear security acl map on page 15-393
Monitor Security ACLs show security acl hits on page 15-403
set security acl hit-sample-rate on page 15-401
show security acl resource-usage on page 15-405
acl-name Name of an existing security ACL to clear. ACL names start with a letter and are
case-insensitive.
all Clears all security ACLs.
editbuffer-index Number that indicates which access control entry (ACE) in the security ACL to
clear. If you do not specify an ACE, all ACEs are cleared from the ACL.