OPNsense Forum

Archive => 22.1 Legacy Series => Topic started by: JasMan on July 16, 2022, 02:08:11 pm

Title: [SOLVED] Firewall rules statistic counters: after what time will they be reset?
Post by: JasMan on July 16, 2022, 02:08:11 pm

Hey,

I'm often looking onto the "Inspect" page of my firewall rules to check if a rule has been hit.
Now I noticed that the statistics get reset after a short time (1 or 2 hours). As far as I can remember the counters have been never reseted in the past, only if I reloaded the rules.

Is this a new behaviour in 22.1?

Jas Man

Title: Re: Firewall rules statistic counters: after what time will they be reset?
Post by: JasMan on July 23, 2022, 03:19:27 pm

Hi again,

The reset of the counters happens every 15 minutes. It's caused by the scheduled filter reload script, which is executed every 15 minutes when a schedule rule is active. I created a schedule rule some weeks ago, and I didn't saw the connection between this two things until today.

I guess it is not a bug, more an expected behaviour. Not really nice, but OK when you know it.

Make it sense to open a feature request for this?

Title: Re: Firewall rules statistic counters: after what time will they be reset?
Post by: fabianodelg on August 01, 2022, 11:25:47 am

Quote from: JasMan on July 23, 2022, 03:19:27 pm

Hi again,

The reset of the counters happens every 15 minutes. It's caused by the scheduled filter reload script, which is executed every 15 minutes when a schedule rule is active. I created a schedule rule some weeks ago, and I didn't saw the connection between this two things until today.

I guess it is not a bug, more an expected behaviour. Not really nice, but OK when you know it.

Make it sense to open a feature request for this?

Interesting as I don't have any scheduled rule but the counters are reset on a regular basis (not sure about the interval of time between reset but it's quite frequent..)

I wonder if there's any way to fix this behavior (I use the Inspect function quite a lot to keep under control how some specific rules behave..., number of it's and amount of data).

Any idea on how to stop the 'reset'?

Thanks :)

Title: Re: [SOLVED] Firewall rules statistic counters: after what time will they be reset?
Post by: franco on August 01, 2022, 11:28:45 am

This does happen on a full pfctl -f run. There isn't any way to retain the previous data if all rules are cleared and readded. They might have changed and there is no way to correlate any of this with previous rules (and their stats).

I think there are ways to modify individual pf rules so that in general stats are retained because other rules are not modified, but that won't work for our system integration.


Cheers,
Franco

Title: Re: [SOLVED] Firewall rules statistic counters: after what time will they be reset?
Post by: JasMan on August 01, 2022, 02:05:39 pm

Thank you @franco.
I will close my feature request #5915 with your answer.