tonylin1
Staff
Article Id 378461
Description: This article describes how to check the issue on FortiGate-6000F where all SNMP queries for fgFwPolByteCountHc return 0.
Scope: FortiGate-6000F.
Solution

fgFwPolByteCountHc is a 64-bit counter of the number of bytes in packets matching the policy.

  1. The SNMP results show a count of 0 for firewall policy 999:

snmpwalk -v 2c -c XXXX y.y.y.y .1.3.6.1.4.1.12356.101.5.1.2.1.1.2
SNMPv2-SMI::enterprises.12356.101.5.1.2.1.1.2.1.0 = Counter32: 0
SNMPv2-SMI::enterprises.12356.101.5.1.2.1.1.2.2.0 = Counter32: 46
SNMPv2-SMI::enterprises.12356.101.5.1.2.1.1.2.3.0 = Counter32: 0
SNMPv2-SMI::enterprises.12356.101.5.1.2.1.1.2.4.0 = Counter32: 0
SNMPv2-SMI::enterprises.12356.101.5.1.2.1.1.2.5.0 = Counter32: 0
SNMPv2-SMI::enterprises.12356.101.5.1.2.1.1.2.5.999 = Counter32: 0 => SNMP result shows 0 for policy 999

  2. Use 'diagnose firewall iprope show 00100004 <policy ID>' to see the hit count of the policy:

FortiGate-6000F # diagnose firewall iprope show 00100004 999
==========================================================================
MBD SN: F6KF31T0189000XX
idx:999
pkts:12 (0 12 0 0 0 0 0 0)
bytes:1008 (0 1008 0 0 0 0 0 0)
asic_pkts:18 (0 18 0 0 0 0 0 0)
asic_bytes:1512 (0 1512 0 0 0 0 0 0)
nturbo_pkts:0 (0 0 0 0 0 0 0 0)
nturbo_bytes:0 (0 0 0 0 0 0 0 0)
flag:0x0
hit count:3 (0 3 0 0 0 0 0 0) => hit count of policy 999 should be 3
first hit:2024-08-15 12:26:21 last hit:2024-08-15 12:31:40
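
The comparison made in steps 1 and 2 can be scripted. The following Python is an added example, not part of the original article or Fortinet tooling: the function names are hypothetical, the sample text is copied (shortened) from the outputs above, and it assumes the last OID component is the policy ID.

```python
import re

# Lines copied from the two outputs shown in this article (shortened).
SNMP_SAMPLE = """\
SNMPv2-SMI::enterprises.12356.101.5.1.2.1.1.2.2.0 = Counter32: 46
SNMPv2-SMI::enterprises.12356.101.5.1.2.1.1.2.5.999 = Counter32: 0
"""
DIAG_SAMPLE = """\
MBD SN: F6KF31T0189000XX
idx:999
bytes:1008 (0 1008 0 0 0 0 0 0)
asic_bytes:1512 (0 1512 0 0 0 0 0 0)
flag:0x0
hit count:3 (0 3 0 0 0 0 0 0)
first hit:2024-08-15 12:26:21 last hit:2024-08-15 12:31:40
"""

SNMP_ROW = re.compile(r"\.(\d+)\.(\d+) = Counter(?:32|64): (\d+)\s*$")
DIAG_ROW = re.compile(r"^([a-z_ ]+):(\d+)(?:\s|$)")

def parse_snmp(text):
    """Map (row index, policy ID) -> counter value.
    Assumption: the last OID component is the policy ID, as in the
    article's row for policy 999; the component before it is kept as-is."""
    rows = {}
    for line in text.splitlines():
        m = SNMP_ROW.search(line.split("=>")[0])  # drop a trailing "=> note"
        if m:
            rows[(int(m.group(1)), int(m.group(2)))] = int(m.group(3))
    return rows

def parse_diag(text):
    """Collect the leading total of every 'name:number' line of the CLI output."""
    totals = {}
    for line in text.splitlines():
        m = DIAG_ROW.match(line.strip())
        if m:
            totals[m.group(1)] = int(m.group(2))
    return totals

def check_policy(snmp_text, diag_text):
    """Return a mismatch record when SNMP reports 0 but the CLI shows traffic."""
    diag = parse_diag(diag_text)
    policy = diag.get("idx")
    snmp = [v for (_, pid), v in parse_snmp(snmp_text).items() if pid == policy]
    cli = {k: diag.get(k, 0) for k in ("bytes", "asic_bytes", "hit count")}
    if snmp and max(snmp) == 0 and any(cli.values()):
        return {"policy": policy, "snmp": snmp, **cli}
    return None

if __name__ == "__main__":
    print(check_policy(SNMP_SAMPLE, DIAG_SAMPLE))
```

A returned record means the unit shows the symptom described here; `None` means the SNMP value and the CLI counters do not disagree in this way.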

 

Solution:

Upgrade the FortiGate-6000F to firmware v7.2.9, v7.4.5 or v7.6.1.