Dropped packets summary

  • Hello there,

    I am trying to get out of my 2.4.1 pfsense box a kind of summary of blocked/rejected packets on the wan interface.
    My wan interface firewall rules are pretty simple :

    • block rfc 1918 networks ( part of block bogon networks )
    • reserved not assigned by IANA  ( part of block bogon networks )
    • pass a particular port

    Now, by default whatever is not specified here is blocked, and if I filter for my wan's ip on System Logs -> Firewall as destination, I can see all blocked as per the implicit rules above.

    Thing is I would like to get some stats/number of the packets dropped by the firewall on the wan interface. The closest thing I found is in System Logs -> Firewall -> Summary View. The problem with it is that this is an overall report based on all interfaces, not just one.

    For now I have added an extra rule at the bottom which rejects everything else just for having some details about that under the states column as per the attachment.

    Is there a better way to get out some stats about packets blocked by pf on the wan interface perhaps ?

    I have investigated netstat as well but with no results.
    ![Screen Shot 2017-11-04 at 11.34.14.png_thumb](/public/imported_attachments/1/Screen Shot 2017-11-04 at 11.34.14.png_thumb)
    ![Screen Shot 2017-11-04 at 11.34.14.png](/public/imported_attachments/1/Screen Shot 2017-11-04 at 11.34.14.png)

Log in to reply