pfInfo
The Diagnostics > pfInfo page displays statistics and counters for the firewall packet filter which serve as metrics to judge how it is behaving and processing data.
The Refresh checkbox at the top of the page controls whether or not the page automatically updates every few seconds with new data. To stop the updates, uncheck the box.
The information shown on the page contains items such as:
- Host ID:
The current 32-bit host ID used by pf. This value is randomized each time the filter reloads, and the value is stored on state table entries to indicate which process created the entry.
- Bytes In/Out:
Bytes transferred in and out of the firewall.
- Packets In/Out:
Packets transferred in or out and passed or blocked counters for each direction.
- State Table / Source Tracking Table:
Statistics about the state table and source tracking table (Firewall States).
  - Current Entries:
  The number of entries in the table.
  - Searches:
  How many times the table has been searched and the current rate of searches, which roughly corresponds to the number of packets being passed by the firewall on current open connections.
  - Inserts:
  The number of new states added to the table, and the rate at which the states are added.
  A high insert rate indicates that there are a lot of new connections being made to or through the firewall.
  - Removals:
  The number of old states being removed from the firewall.
- Counters:
Statistics and counts for various types of special, unusual or badly formatted packets.
- Limit Counters:
Counters that pertain to packets which have reached or exceeded limits configured on firewall rules, such as max states per IP address.
- Table Size Limits:
State table max size, source node table size, frag table size, number of allowed tables, and maximum number of table entries.
- State Timers:
The current configured timeout values for various connection states for TCP, UDP, and other protocols.
- Interface Statistics:
Per-interface packet counters.
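
The State Table, Limit Counters and Table Size Limits items above can also be evaluated by a script instead of read by eye. The following is an added example, not part of the original documentation: it assumes the same counters are available on the firewall from `pfctl -vsi` and `pfctl -sm`, it runs on constructed sample text in that layout, and its function names and thresholds are hypothetical.

```python
import re

# Constructed sample text in the layout of `pfctl -vsi` and `pfctl -sm` output.
SAMPLE_INFO = """\
Status: Enabled for 3 days 04:12:09           Debug: Urgent

State Table                          Total             Rate
  current entries                    91250
  searches                       480112233         1743.2/s
  inserts                         12003400          412.7/s
  removals                        11912150          409.6/s
Limit Counters
  max-src-states                       318            0.1/s
"""
SAMPLE_LIMITS = "states        hard limit   100000\nsrc-nodes     hard limit   100000\n"
ROW = re.compile(r"^\s+(\S.*?)\s+(\d+)(?:\s+([\d.]+)/s)?\s*$")

def parse_info(text):
    """Return {section: {counter: (total, rate or None)}}; unindented lines open a section."""
    out, section = {}, None
    for line in text.splitlines():
        m = ROW.match(line)
        if m and section:
            rate = float(m.group(3)) if m.group(3) else None
            out[section][m.group(1)] = (int(m.group(2)), rate)
        elif line and not line[0].isspace() and ":" not in line:
            section = re.split(r"\s{2,}", line.strip())[0]
            out[section] = {}
    return out

def parse_limits(text):
    """Return {name: hard_limit} from `pfctl -sm` style lines."""
    return {m[1]: int(m[2]) for m in re.finditer(r"^(\S+)\s+hard limit\s+(\d+)\s*$", text, re.M)}

def assess(info, limits, max_fill=0.8, max_insert_rate=300.0):
    """Flag state-table pressure; both thresholds are illustrative assumptions."""
    st, findings = info["State Table"], []
    fill = st["current entries"][0] / limits["states"]
    if fill >= max_fill:
        findings.append(f"state table {fill:.0%} full")
    if (st["inserts"][1] or 0.0) >= max_insert_rate:
        findings.append(f"insert rate {st['inserts'][1]:.1f}/s")
    hits = info.get("Limit Counters", {}).get("max-src-states", (0, None))[0]
    if hits:
        findings.append(f"max-src-states reached {hits} times")
    return findings

if __name__ == "__main__":
    print(assess(parse_info(SAMPLE_INFO), parse_limits(SAMPLE_LIMITS)))
```

A state table close to its hard limit together with a high insert rate is the pattern to alert on, since new connections are dropped once the table is full.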