Please, make the missed counters to be available along the hit counters. Everywhere where possible.
Yes, I know that I can make final accept rule to collect the rest (missed) packets statistics, but having the miss counters on each rule available will help to optimize the firewall rule set.
I am sure that the value is easy to get, because if I can get how many times the rule was successfull, the system is also able to count how many times the rule was not successfull.
The missed bytes counter could be implemented together with missed packets counter.
Not sure how to handle the passed thru rules, even they were hit. Maybe another counter - passed ?
Thank you.