hit counts fw rule/policy

Posted: 10 Apr 2019, 13:39
by caso01
Hi

Is there a way to see hit counts for a specific fw policy? So that I can see it directly in the firewall if the rule is used or not.

BR
Carlos

Re: hit counts fw rule/policy

Posted: 11 Apr 2019, 09:18
by Peter
Hello.

You can use the following CLI command to see that:

rules -verbose

So it will look something like this:
w3b:/> rules -verbose 10-12
Contents of main ruleset; default action is DROP
#     Name                                                  Action  Log    Usage
      Details
----- ----------------------------------------------------- ------- --- --------
10    Allow-LabbVlans-To-PreDefined                         Allow   Yes   580638
      SRC: vlan97,vlan98...:0.0.0.0/0
      DST: V0980-PreDefinedServices:15.122.0.0/24
      Service: all_services

And if you have multiple rulesets the command to view usage in another ruleset would be:

rules -verbose -type=IP -ruleset=xxxx

Best regards
/Peter

Re: hit counts fw rule/policy

Posted: 11 Apr 2019, 11:40
by caso01
Thanks!

Re: hit counts fw rule/policy

Posted: 29 Apr 2019, 08:50
by caso01
Is there a way to get the rule number by the rule name?

Re: hit counts fw rule/policy

Posted: 29 Apr 2019, 09:00
by caso01
Is there a way to get the rule number by rule name? So that I can search for hits on that specific rule.

Re: hit counts fw rule/policy

Posted: 30 Apr 2019, 07:25
by Peter
There is no option to search for the rule name. You can however search for the rule index number. So if you use for instance:

rules -v 10-15

You will list all rules from index position 10 to 15. The rule name will be included in this listing, it's just not searchable. By using this method you should hopefully be able to narrow down the number of rules until you find the one you are looking for.

Alternatively simply list every rule and then copy & paste it into e.g. notepad and then search for the rule name :D

Best regards
/Peter

Re: hit counts fw rule/policy

Posted: 30 Apr 2019, 12:33
by caso01
Is there a way to clear hit counts, to see if the rule is in use during a period of time?

Re: hit counts fw rule/policy

Posted: 08 May 2019, 09:02
by Peter
Unfortunately no, that means the only way is a Firewall restart.

/Peter

Re: hit counts fw rule/policy

Posted: 09 May 2019, 11:03
by fras
Actually, a Reconfigure is enough to clear the counters.
So not as big an impact as a complete reboot.

Best Regards,
Fredrik Å

Re: hit counts fw rule/policy

Posted: 14 May 2019, 10:54
by Peter
Ah, I guess my memory served me wrong here. I guess it makes sense to clear it at reconfigure as it's very likely that an IP policy/rule had been changed as that is the most common area that users "reasonably" make frequent changes in.

/Peter
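
Added example, not part of the original thread and not vendor code: a Python sketch that does the "paste the listing and search for the name" step from the thread, and compares two pasted `rules -verbose` listings to see which rules took hits in between. It assumes rule names contain no spaces and that the column layout matches the output quoted above; rules 11 and 12 in the sample are constructed.

```python
import re

# One rule header line: index, name, action, log flag, usage counter.
# Assumes rule names contain no spaces; indented detail lines are skipped.
RULE_RE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d+)\s*$")

def parse_rules(text):
    """Map rule name -> (index, usage) from pasted `rules -verbose` output."""
    rules = {}
    for line in text.splitlines():
        m = RULE_RE.match(line)
        if m:
            rules[m.group(2)] = (int(m.group(1)), int(m.group(5)))
    return rules

def find_index(rules, fragment):
    """Case-insensitive name search, returning sorted (index, name) pairs."""
    f = fragment.lower()
    return sorted((idx, name) for name, (idx, _) in rules.items() if f in name.lower())

def usage_delta(before, after):
    """Hits per rule between two snapshots. A counter lower than before means
    it was cleared in between (e.g. by a reconfigure), so count from zero."""
    delta = {}
    for name, (_, now) in after.items():
        then = before.get(name, (None, 0))[1]
        delta[name] = now - then if now >= then else now
    return delta

# Constructed snapshots: rule 10 is copied from the thread, 11 and 12 are made up.
HEADER = """Contents of main ruleset; default action is DROP
#     Name                                                  Action  Log    Usage
      Details
----- ----------------------------------------------------- ------- --- --------
"""
SNAP_A = HEADER + """10    Allow-LabbVlans-To-PreDefined                         Allow   Yes   580638
      SRC: vlan97,vlan98...:0.0.0.0/0
      DST: V0980-PreDefinedServices:15.122.0.0/24
      Service: all_services
11    Example-Legacy-FTP                                    Allow   Yes       42
12    Example-Mgmt-SSH                                      Allow   Yes      900
"""
SNAP_B = HEADER + """10    Allow-LabbVlans-To-PreDefined                         Allow   Yes   581000
11    Example-Legacy-FTP                                    Allow   Yes       42
12    Example-Mgmt-SSH                                      Allow   Yes       15
"""

if __name__ == "__main__":
    a, b = parse_rules(SNAP_A), parse_rules(SNAP_B)
    print(find_index(a, "labbvlans"))
    for name, hits in usage_delta(a, b).items():
        print(f"{b[name][0]:>5} {name:<40} {hits:>8}" + ("  <- no hits" if hits == 0 else ""))
```

A counter that was cleared and then climbed past its earlier value cannot be told apart from normal growth, so take the first snapshot right after the reconfigure that clears the counters.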