firewall count

Forum|Forum|17 years ago
October 15, 2008
5 replies
4532 views

Under firewall->policy, I find a ' count' option, what' s function? For understanding my fgt-60 loading, can I calculate the firewall throughput by this count?

MasterBratac

New Member

Which firmware version do you use ... IÂ´ve never seen that ... screenshot?

p768

New Member

The FortiGate unit counts the number of packets and bytes a firewall policy is hit. For example, 5/50B means that a total of five packets and 50 bytes has hit the policy. The counter is reset when the FortiGate unit is restarted or the policy is deleted and re-configured.

Carl_Wallmark

New Member

Hi, Count was introduced in MR6 i think, it prints out packets/MB for each firewall policy

abelio

SuperUser

Hi, Count was introduced in MR6 i think, it prints out packets/MB for each firewall policy

Hi, it was introduced with MR4; from releasenotes: " Firewall Policy Packet and Byte Counter MR Introduced: FortiOS v3.00 MR4. Description: The FortiGate now can count the number packets and bytes a firewall policy is hit. The feature is enabled in each policy and the counter is viewable from the firewall policy list page. The column is not shown be default. The counter is reset when the FortiGate is restarted, if the policy is deleted and re-configured, or by using the " diagnose firewall iprope clear group <index>" CLI command.

MasterBratac

New Member

Ahh ... cool ... found it ...

laf

New Member

I discover it too in MR6 but it is present since MR5 patch 3 I think. It s pretty useful to see unused firewall policies, to debug VPN interface mode ping and so on. I also opened a ticket to Fortinet about this feature from CLI, but they re reluctant to answer me :). It' s possible to see it too from CLI, it s just it s a bit complicated. I asked them for some clarification on this, but..no answer ' till now.