Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ICT_Putte
New Contributor

how to reset hit counts for SD-WAN rules?

We are using a Fortigate 100F with firmware 7.2.2. 

 

Is there a way to reset the hit counts for specific SD-WAN rules? 

 

After some searching in the guides and the forum I found info to reset the hit counts for the policy rules but uptil now no luck in resetting the hit counts for the SD-WAN rules.

 

Can some of the guru's here help me or point me in the right direction? 

 

Thanks in advance

2 Solutions
aionescu
Staff
Staff

Hi @ICT_Putte ,

 

Welcome to the community.

Can you, please, try  diag firewall proute list  and then   clear hit_count using the policy route ID from ‘proute list’ ?

 

View solution in original post

sagha
Staff
Staff

Hi @ICT_Putte 

 

Here are the steps: 

 

1. Run the command 'diag firewall proute list '

 

2. Look for the relevant sdwan rule:

 

id=2130706435(0x7f000003) vwl_service=3(test)
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
hit_count=179316 last_used=2022-10-20 13:04:57

 

3. Run the following command: 

2130706435 is id for this sdwan rule

 

diagnose firewall proute clear 2130706435

 

4. Result: 

 

id=2130706435(0x7f000003) vwl_service=3(test)
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
hit_count=0 last_used=2022-10-20 13:05:58

 

Hope this helps. 

 

Thank you. 

Shahan

View solution in original post

3 REPLIES 3
aionescu
Staff
Staff

Hi @ICT_Putte ,

 

Welcome to the community.

Can you, please, try  diag firewall proute list  and then   clear hit_count using the policy route ID from ‘proute list’ ?

 

sagha
Staff
Staff

Hi @ICT_Putte 

 

Here are the steps: 

 

1. Run the command 'diag firewall proute list '

 

2. Look for the relevant sdwan rule:

 

id=2130706435(0x7f000003) vwl_service=3(test)
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
hit_count=179316 last_used=2022-10-20 13:04:57

 

3. Run the following command: 

2130706435 is id for this sdwan rule

 

diagnose firewall proute clear 2130706435

 

4. Result: 

 

id=2130706435(0x7f000003) vwl_service=3(test)
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
hit_count=0 last_used=2022-10-20 13:05:58

 

Hope this helps. 

 

Thank you. 

Shahan

ICT_Putte
New Contributor

Hi @aionescu and @sagha 

 

Thanks for the info. With it I managed to clear the hit count.

 

I noticed some strange behaviour thou (maybe a bug in the firmware version I'm using?):

 

When I used the command with a specific id of a sdwan rule it didn't work.

'diag firewall proute clear <id nummer> ' didn't gave an error but it also didn't clean the hit count.

If I gave the same command without the id nummer it cleared all the hitcounts of all the rules (as expected).

 

The firmware I'm using v7.2.2 build 1255.

 

With kind regards.

 

Labels
Top Kudoed Authors