Systems and methods are provided for minimizing traffic leaks during replacement of an access control list for a network interface. The method includes adding a blocking access control entry to an access control list for a network interface of a network switch, wherein the blocking entry causes the network interface to block traffic from passing through the network interface; removing one or more current access control entries from the access control list, except for the blocking entry, after adding the blocking entry to the access control list; adding one or more new access control entries to the access control list, without removing the blocking entry, after removing the one or more current access control entries from the access control list; and removing the blocking entry from the access control list after adding the one or more new access control entries to the access control list.