Whilst "K46122561: Restrict access to the BIG-IP management interface using network firewall rules" show TMSH command to provision, I'm unable to find the command to reset hit counters/statistics shown using "show /security firewall management-ip-rules". Is there such?
Network firewall rules provide additional flexibility when configuring security for the management interface. You can configure the action to accept, drop, or reject incoming connections based on the protocol, source ports and IP addresses, and destination ports and IP addresses. For example, you can configure a positive security posture by creating rules that allow access to specific ports on the management interface from specific hosts on your network. The last rule you create in the rule list is an inclusive rule that drops all traffic destined to the management interface. As a result, the BIG-IP system drops any traffic that does not match an allow rule. PFMLogin
To clear IP access list counters, use the clear ip access-list counters command in privileged EXEC mode. clear ip access-list counters [access-list-number | access-list-name] PFM Login
