Network Security: Firewall Rule "Hit" Counters

Display the number of packets that match each rule in the table, so you can locate unnecessary packet filter rules. It should be possible to reset the hit counter(s) as needed, along with a tooltip showing the last time(s) of the previous few hits.

294 votes
PBehmer shared this idea
Sascha shared a merged idea: Hitcount for Firewall policies
ehofstede shared a merged idea: trigger count on rules
Xevious shared a merged idea: Show when a packet filter rule was used for the last time.
Michael Schwadorf shared a merged idea: Trackable Packet-Filter Rule Effectiveness

13 comments

• Thomas Brewster commented

  Look into iView - it appears to have some of this functionality. But beware, the iView product doesn't seem to be "fully baked" for use with the Sophos UTM yet.

• Hans Stutz commented

  This can be done via iptables in the console. But it would be nice to have it in the WebGUI.
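Added example (not code from the thread or from Sophos): a small Python parser for the console view Hans refers to, `iptables -L <chain> -v -n -x --line-numbers`, which flags rules with a zero packet counter and, by diffing two snapshots, approximates the "last used" time the idea asks for. The chain output below is constructed sample data, not captured from a real UTM.

```python
"""Find unused packet filter rules from iptables per-rule hit counters."""
from dataclasses import dataclass

# Constructed sample of `iptables -L INPUT -v -n -x --line-numbers`
# (assumption: this is the console output the comment refers to; values are made up).
SAMPLE = """\
Chain INPUT (policy DROP 12 packets, 720 bytes)
num      pkts      bytes target     prot opt in     out     source               destination
1       10234   6140400 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
2           0         0 ACCEPT     tcp  --  *      *       10.0.0.0/8           0.0.0.0/0            tcp dpt:3389 /* legacy-rdp */
3         871     52260 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:500
4           0         0 DROP       all  --  eth1   *       192.168.99.0/24      0.0.0.0/0
"""


@dataclass
class Rule:
    num: int      # position in the chain (shifts if rules are inserted above it)
    pkts: int     # packets matched since the counter was last zeroed
    nbytes: int   # bytes matched
    target: str   # ACCEPT / DROP / user chain
    spec: str     # remainder of the line: proto, interfaces, addresses, matches


def parse_chain(text):
    """Parse one chain listing into Rule objects, skipping the header lines."""
    rules = []
    for line in text.splitlines():
        parts = line.split(None, 4)
        if len(parts) < 4 or not parts[0].isdigit():
            continue  # "Chain ..." banner and column header
        spec = parts[4].strip() if len(parts) > 4 else ""
        rules.append(Rule(int(parts[0]), int(parts[1]), int(parts[2]), parts[3], spec))
    return rules


def unused_rules(rules):
    """Rules that have never matched a packet since their counters were reset.
    A zero counter is a candidate for removal, not proof: the rule may be
    seasonal, a safety net, or the counters may have been zeroed recently."""
    return [r for r in rules if r.pkts == 0]


def last_hit(prev, curr, now):
    """Return {rule num: now} for rules whose counter advanced between two
    snapshots. Polled periodically, this reconstructs the 'last used' timestamp
    that iptables itself does not store. Keyed by rule number, so take both
    snapshots without reordering the chain in between."""
    before = {r.num: r.pkts for r in prev}
    return {r.num: now for r in curr if r.pkts > before.get(r.num, 0)}
```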

• SL commented

  Cisco ASA firewalls have this feature; it's great for cleaning up the rules.

• Marcus Hock commented

  This would _really_ make rule management easier - Checkpoint added this in R75.40 (yeeeeees, I know, Astaro is not Checkpoint). A very helpful feature though!
  If easier (or more efficient) than counters, a "last used" field would be sufficient to find unneeded rules.

• Michiel Beumer commented

  Essential for a smooth firewall with many rules!
  While you're at it, please make it possible to filter by protocol.

• charles sterling commented

  Currently the archived logs exclude info like the "country block" reference, so you are forced to sort by rule and then look up the rules in these groups to locate problem areas.

• Scott commented

  I think this and other real-time statistics throughout WebAdmin would be great!
