Netgate SG-1000 microFirewall

Author Topic: Dropped packets summary  (Read 109 times)

0 Members and 1 Guest are viewing this topic.

Offline gettons

  • Newbie
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Dropped packets summary
« on: November 04, 2017, 06:33:19 am »
Hello there,

I am trying to get out of my 2.4.1 pfsense box a kind of summary of blocked/rejected packets on the wan interface.
My wan interface firewall rules are pretty simple :

- block rfc 1918 networks ( part of block bogon networks )
- reserved not assigned by IANA  ( part of block bogon networks )
- pass a particular port

Now, by default whatever is not specified here is blocked, and if I filter for my wan's ip on System Logs -> Firewall as destination, I can see all blocked as per the implicit rules above.

Thing is I would like to get some stats/number of the packets dropped by the firewall on the wan interface. The closest thing I found is in System Logs -> Firewall -> Summary View. The problem with it is that this is an overall report based on all interfaces, not just one.

For now I have added an extra rule at the bottom which rejects everything else just for having some details about that under the states column as per the attachment.

Is there a better way to get out some stats about packets blocked by pf on the wan interface perhaps ?

I have investigated netstat as well but with no results.