I think it would be useful to have the configured description as a column when looking at "show firewall" commands, particularly with the "show firewall statistics" command as it doesn't indicate any details of the rule. Output would be like this:
show firewall:
Rulesets Information --------------------------------- ipv4 Firewall "forward filter" Rule Description Action Protocol Packets Bytes Conditions ------- ---------------------------------------- -------- ---------- --------- ------- ------------------------------------------------------------------------------ 5 Allow return traffic from inside network offload all 4121 259306 ct state { established, related } flow add @VYOS_FLOWTABLE_FLOW1 10 accept all 4121 259306 ct state { established, related } accept 15 Drop Invalid State drop all 0 0 ct state invalid 20 Bogons drop all 0 0 ip daddr @N_BOGONS oifname "eth0.4040" prefix "[ipv4-FWD-filter-20-D]" 25 Allow Ping accept icmp 0 0 meta l4proto icmp oifname "eth0.4040" prefix "[ipv4-FWD-filter-25-A]" accept 35 Allow iPerf accept tcp_udp 0 0 meta l4proto { tcp, udp } th dport 5201 oifname "eth0.4040" accept 40 Allow access to GNS3 accept tcp 0 0 meta l4proto tcp ip daddr 10.0.95.24 oifname "eth0.4040" accept 45 Traffic from Gaming PC accept all 0 0 ip saddr 10.0.201.0/24 iifname "eth0.201" accept 50 Stealthwatch SMC accept tcp 0 0 ip daddr 10.0.95.205 tcp dport 443 accept 55 Stealthwatch Flow Collector accept udp 1310 1096956 ip daddr 10.0.95.206 udp dport 2055 accept 60 Allow all from Inside accept all 754 40144 iifname @I_Inbound_Interfaces accept 10001 jump to jump_test jump all 0 0 ip saddr 10.1.2.3 jump NAME_jump_test default drop all 0 0 --------------------------------- ipv4 Firewall "name jump_test" Rule Description Action Protocol Packets Bytes Conditions ------- ------------- -------- ---------- --------- ------- ------------ 10 jump test drop all 0 0 default drop all 0 0 --------------------------------- ipv6 Firewall "forward filter" Rule Description Action Protocol Packets Bytes Conditions ------- ------------- -------- ---------- --------- ------- ------------ 10 TEST accept all 0 0 accept default accept all 0 0 --------------------------------- bridge Firewall "forward filter" Rule Description Action Protocol Packets Bytes Conditions ------- ------------- -------- ---------- --------- ------- ------------ 10 accept all 0 0 accept default accept all 0 0
show firewall statistics:
Rulesets Statistics --------------------------------- ipv4 Firewall "forward filter" Rule Description Packets Bytes Action Source Destination Inbound-Interface Outbound-interface ------- ---------------------------------------- --------- ------- -------- ------------- ------------- ------------------- -------------------- 5 Allow return traffic from inside network 3822 240492 offload any any any any 10 3822 240492 accept any any any any 15 Drop Invalid State 0 0 drop any any any any 20 Bogons 0 0 drop any BOGONS any eth0.4040 25 Allow Ping 0 0 accept any any any eth0.4040 35 Allow iPerf 0 0 accept any any any eth0.4040 40 Allow access to GNS3 0 0 accept any 10.0.95.24 any eth0.4040 45 Traffic from Gaming PC 0 0 accept 10.0.201.0/24 any eth0.201 any 50 Stealthwatch SMC 0 0 accept any 10.0.95.205 any any 55 Stealthwatch Flow Collector 1212 1015732 accept any 10.0.95.206 any any 60 Allow all from Inside 696 37056 accept any any Inbound_Interfaces any 10001 jump to jump_test 0 0 jump 10.1.2.3 any any any default 0 0 drop any any any any --------------------------------- ipv4 Firewall "name jump_test" Rule Description Packets Bytes Action Source Destination Inbound-Interface Outbound-interface ------- ------------- --------- ------- -------- -------- ------------- ------------------- -------------------- 10 jump test 0 0 drop any any any any default 0 0 drop any any any any --------------------------------- ipv6 Firewall "forward filter" Rule Description Packets Bytes Action Source Destination Inbound-Interface Outbound-interface ------- ------------- --------- ------- -------- -------- ------------- ------------------- -------------------- 10 TEST 0 0 accept any any any any default 0 0 accept any any any any --------------------------------- bridge Firewall "forward filter" Rule Description Packets Bytes Action Source Destination Inbound-Interface Outbound-interface ------- ------------- --------- ------- -------- -------- ------------- ------------------- -------------------- 10 0 0 accept any any any any default 0 0 accept any any any any