The Diagnostics > pfInfo page displays statistics and counters for the firewall packet filter which serve as metrics to judge how it is behaving and processing data. The information shown on the page contains items such as:
- Bytes In/Out
Bytes transferred in and out of the firewall.
- Packets In/Out
Packets transferred in or out and passed or blocked counters for each direction.
- State Table / Source Tracking Table
Statistics about the state table and source tracking table (Firewall States).
- Current Entries
The number of entries in the table
How many times the table has been searched and the current rate of searches, which roughly corresponds to the number of packets being passed by the firewall on current open connections.
The number of new states added to the table, and the rate at which the states are added. A high rate indicates that there are a lot of new connections being made to or through the firewall.
The number of old states being removed from the firewall.
Statistics an counts for various types of special, unusual or badly formatted packets.
- Limit Counters
Counters that pertain to packets that have reached or exceeded limits configured on firewall rules, such as max states per IP address.
- Table Size Limits
State table max size, source node table size, frag table size, number of allowed tables, and maximum number of table entries.
- State Timers
The current configured timeout values for various connection states for TCP, UDP, and other protocols.
- Interface Statistics
Per-interface packet counters.