sdabhade
Staff
Description
This article describes how to check the hit count, first hit, last hit, and established session count for a single firewall policy or for multiple firewall policies through the CLI.
Scope
FortiGate.
Solution

To check the stats for a single firewall policy:

 

# diagnose firewall iprope show <policy-group> <policy-idx>

 

The 'policy-group' ID is 00100004; this value is for configurable firewall policies.
The policy ID number is different from the policy sequence number, which is shown in the 'Seq#' column in the GUI.

The policy ID number, which is the index number of the firewall policy, can be found under the 'ID' column in the GUI.

 

Example.

To check the stats for the firewall policy ID 1:

 

# diagnose firewall iprope show 00100004 1
idx:1
pkts:172139 (0 0 0 0 0 0 0 0)
bytes:100413507 (0 0 0 0 0 0 0 0)
asic_pkts:702 (0 0 0 0 0 0 0 0)
asic_bytes:171463 (0 0 0 0 0 0 0 0)
nturbo_pkts:0 (0 0 0 0 0 0 0 0)
ntubro_bytes:0 (0 0 0 0 0 0 0 0)
flag:0x0
hit count:5170 (0 0 0 0 0 0 0 0)
first hit:2022-06-21 11:56:39 last hit:2022-06-24 22:07:27
established session count:10
first est:2022-06-21 11:56:39 last est:2022-06-24 22:07:27


To check the stats for multiple firewall policies:

 

# diagnose firewall iprope show <policy-group> <policy-idx-1> <policy-idx-2> <policy-idx-3> ...

 

Example.

To check the stats for the firewall policy ID 1, 2 & 3:

 

# diagnose firewall iprope show 00100004 1 2 3
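
One use of these counters is a rule review that looks for policies that are never hit or have gone idle. The following Python code is an added example (not from the article or from Fortinet) that parses saved output of the command and lists such policy IDs. It assumes that a multi-policy query prints one block per policy, each starting with `idx:`; the policy 2 block, the 90-day threshold and the function names are constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample: the policy 1 lines are taken from the article's output;
# the policy 2 block is made up, on the assumption that a multi-policy query
# prints one block per policy, each starting with "idx:".
SAMPLE = """\
# diagnose firewall iprope show 00100004 1 2
idx:1
pkts:172139 (0 0 0 0 0 0 0 0)
bytes:100413507 (0 0 0 0 0 0 0 0)
hit count:5170 (0 0 0 0 0 0 0 0)
first hit:2022-06-21 11:56:39 last hit:2022-06-24 22:07:27
established session count:10
first est:2022-06-21 11:56:39 last est:2022-06-24 22:07:27
idx:2
pkts:0 (0 0 0 0 0 0 0 0)
bytes:0 (0 0 0 0 0 0 0 0)
hit count:0 (0 0 0 0 0 0 0 0)
established session count:0
"""

TS = r"(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})"
FMT = "%Y-%m-%d %H:%M:%S"

def parse_iprope(text):
    """Return {policy_id: stats} parsed from saved 'iprope show' output."""
    policies, cur = {}, None
    for line in text.splitlines():
        line = line.strip()
        if m := re.fullmatch(r"idx:(\d+)", line):
            cur = policies.setdefault(
                int(m.group(1)), {"hits": 0, "sessions": 0, "last_hit": None})
        elif cur is None:
            continue  # command echo or prompt before the first block
        elif m := re.match(r"hit count:(\d+)", line):
            cur["hits"] = int(m.group(1))
        elif m := re.match(r"established session count:(\d+)", line):
            cur["sessions"] = int(m.group(1))
        elif m := re.search(r"last hit:" + TS, line):
            cur["last_hit"] = datetime.strptime(m.group(1), FMT)
    return policies

def stale_policies(policies, now, max_idle_days=90):
    """Policy IDs with no hits, no parsable last hit, or idle too long."""
    return [pid for pid, s in sorted(policies.items())
            if s["hits"] == 0 or s["last_hit"] is None
            or (now - s["last_hit"]).days > max_idle_days]
```

Timestamps are compared as printed, so `now` should be taken from the FortiGate's own clock and time zone. A missing or unparsable last-hit value is treated as "never hit".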

 

Related Article:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-clear-or-reset-policy-counters-on-t...
