pfInfoΒΆ

The Diagnostics > pfInfo page displays statistics and counters for the firewall packet filter which serve as metrics to judge how it is behaving and processing data. The information shown on the page contains items such as:

Bytes In/Out

Bytes transferred in and out of the firewall.

Packets In/Out

Packets transferred in or out and passed or blocked counters for each direction.

State Table / Source Tracking Table

Statistics about the state table and source tracking table (Firewall States).

Current Entries

The number of entries in the table

Searches

How many times the table has been searched and the current rate of searches, which roughly corresponds to the number of packets being passed by the firewall on current open connections.

Inserts

The number of new states added to the table, and the rate at which the states are added. A high rate indicates that there are a lot of new connections being made to or through the firewall.

Removals

The number of old states being removed from the firewall.

Counters

Statistics an counts for various types of special, unusual or badly formatted packets.

Limit Counters

Counters that pertain to packets that have reached or exceeded limits configured on firewall rules, such as max states per IP address.

Table Size Limits

State table max size, source node table size, frag table size, number of allowed tables, and maximum number of table entries.

State Timers

The current configured timeout values for various connection states for TCP, UDP, and other protocols.

Interface Statistics

Per-interface packet counters.