ssadm lib/statetables -f Command

ssadm lib/statetables -f causes the Screen to flush (discard) all of its connection state information. This causes all previously active connections through the Screen to be effectively disconnected.

This command is often useful after activating a modified policy that disallows some traffic that was previously allowed. Without running ssadm lib/statetables -f, you allow any previously existing connections to remain active even if the new policy does not allow them. By running ssadm lib/statetables -f, you cause all previously existing connections to be disconnected and the active policy will apply to any subsequent connections.