Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Fortiswiss
New Contributor

How to " Clear all traffic counter from CLI"

I tried to find information to clear all traffic counters of a VDOM There is a description on the GUI: http://kb.fortinet.com/kb/microsites/microsite.do?cmd=displayKC&externalId=FD32921 but this needs to be done for each policy... How can I do this for a whole VDOM? Thanx for any hint...
10 REPLIES 10
Paul_Dean
Contributor

Hi Fortiswiss, The policy view has a checkbox top left (under the Create New button) which selects all policies. Once they are all selected you can right click on a policy and clear counters for all selected policies. Is that what you were after? Paul
NSE4
NSE4
Fortiswiss
New Contributor

Hi Paul, thanx This works with " MR2 Patch 9" ! But with " MR3 Patch 2" I miss this check box... (the one for all, and also for each policy) Fortiswiss
Paul_Dean
Contributor

It' s there on my FG0C running MR3 patch 1 but not on a FG80C running MR3 patch 2. Odd.
NSE4
NSE4
Jordan_Thompson_FTNT

From the CLI, you can try:- diagnose firewall iprope clear 100004 In MR3, you can achieve the same thing in the GUI by clicking on the first policy you would like to reset, hold down shift, and select the last policy. You can then right click to reset the counters.
hklb

Hello,

 

Is someone has tested this command on FortiOS 5.4.7 (diagnose firewall iprope clear 100004 ) ?

 

In my lab, the hit counter isn't reset...

 

Lucas

ede_pfau
Esteemed Contributor III

Confirmed on a 60E, v5.4.7, that the counters are reset.

Do you see reasonable values with 'diag fire iprope show 100004 <policy-ID>', compared to the GUI values?


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
hklb
Contributor II

I have a strange behavior.. In CLI, when I run the command, it looks good.. But when I ping from my computer to my server, the hit count restart from the previous value, not from 0. If I reset from web interface, the counter start from 0

 

Here the the debug output (FGT51E) :

FGT-Remote (R2) # diagnose firewall iprope show 100004 1 idx=1 pkts/bytes=310/32122 asic_pkts/asic_bytes=0/0flag=0x0 hit count:41 first:2018-01-18 18:29:04 last:2018-01-18 18:52:42

FGT-Remote (R2) # diagnose firewall iprope clear 100004

FGT-Remote (R2) # diagnose firewall iprope show 100004 1 idx=1 pkts/bytes=0/0 asic_pkts/asic_bytes=0/0flag=0x0

 

#ping from my computer

FGT-Remote (R2) # diagnose firewall iprope show 100004 1

idx=1 pkts/bytes=2/120 asic_pkts/asic_bytes=0/0flag=0x0 hit count:42 first:2018-01-18 18:53:00 last:2018-01-18 18:53:00

 

#reset on web interface

FGT-Remote (R2) # diagnose firewall iprope show 100004 1 idx=1 pkts/bytes=0/0 asic_pkts/asic_bytes=0/0flag=0x0

FGT-Remote (R2) # diagnose firewall iprope show 100004 1

 

#ping from my computer

FGT-Remote (R2) # diagnose firewall iprope show 100004 1 idx=1 pkts/bytes=2/120 asic_pkts/asic_bytes=0/0flag=0x0 hit count:1 first:2018-01-18 18:58:32 last:2018-01-18 18:58:32

 

Same behavior on my FGT300D

LAB-FG300D (New-Lab) # diagnose firewall iprope show 100004 136 idx=136 pkts/bytes=10885449/5234321004 asic_pkts/asic_bytes=3019453/2048360614flag=0x0 hit count:58343 first:2017-12-05 18:54:10 last:2018-01-18 19:00:16

LAB-FG300D (New-Lab) # diagnose firewall iprope clear 100004

LAB-FG300D (New-Lab) # diagnose firewall iprope show 100004 136 idx=136 pkts/bytes=0/0 asic_pkts/asic_bytes=3019453/2048360614flag=0x0

LAB-FG300D (New-Lab) # diagnose firewall iprope show 100004 136 idx=136 pkts/bytes=2/120 asic_pkts/asic_bytes=3019453/2048360614flag=0x0 hit count:58344 first:2018-01-18 19:02:29 last:2018-01-18 19:02:29

 

Lucas

emnoc
Esteemed Contributor III

Try this

 

cli-cmd diagnose firewall iprope clear 100004  <insert  the policy #>

 

e.g

 

 

diagnose firewall iprope clear 100004 136

 

 

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
hklb
Contributor II

It works fine if I specify the policy ID..

 

I found a KB : http://kb.fortinet.com/kb/viewContent.do?externalId=FD36666&sliceId=1

If we ommit the ID, it should reset the value for all firewall policy..

 

One more case to open..... 

 

Lucas

Labels
Top Kudoed Authors