diff --git a/api/models/firewall_option_entry.go b/api/models/firewall_option_entry.go
index 37669c6b..a3ac936f 100644
--- a/api/models/firewall_option_entry.go
+++ b/api/models/firewall_option_entry.go
@@ -20,6 +20,9 @@ type FirewallOptionEntry struct {
 	// Allow any matching rule
 	Allow bool `json:"allow,omitempty"`
 
+	// traffic counters
+	Counter string `json:"counter,omitempty"`
+
 	// Drop any matching rule
 	Drop bool `json:"drop,omitempty"`
 
diff --git a/api/restapi/embedded_spec.go b/api/restapi/embedded_spec.go
index e0d69080..8839a021 100644
--- a/api/restapi/embedded_spec.go
+++ b/api/restapi/embedded_spec.go
@@ -3892,6 +3892,10 @@ func init() {
           "description": "Allow any matching rule",
           "type": "boolean"
         },
+        "counter": {
+          "description": "traffic counters",
+          "type": "string"
+        },
         "drop": {
           "description": "Drop any matching rule",
           "type": "boolean"
@@ -8612,6 +8616,10 @@ func init() {
           "description": "Allow any matching rule",
           "type": "boolean"
         },
+        "counter": {
+          "description": "traffic counters",
+          "type": "string"
+        },
         "drop": {
           "description": "Drop any matching rule",
           "type": "boolean"
diff --git a/api/restapi/handler/firewall.go b/api/restapi/handler/firewall.go
index 08200390..dae39267 100644
--- a/api/restapi/handler/firewall.go
+++ b/api/restapi/handler/firewall.go
@@ -156,6 +156,7 @@ func ConfigGetFW(params operations.GetConfigFirewallAllParams) middleware.Respon
 		tmpOpts.Trap = FW.Opts.Trap
 		tmpOpts.Record = FW.Opts.Record
 		tmpOpts.FwMark = int64(FW.Opts.Mark)
+		tmpOpts.Counter = FW.Opts.Counter
 
 		tmpResult.RuleArguments = &tmpRule
 		tmpResult.Opts = &tmpOpts
diff --git a/api/swagger.yml b/api/swagger.yml
index 06a1a11e..afa200b8 100644
--- a/api/swagger.yml
+++ b/api/swagger.yml
@@ -3215,6 +3215,10 @@ definitions:
       fwMark:
         type: integer
         description: Set a fwmark for any matching rule
+      counter:
+        type: string
+        description: traffic counters
+
 
   FirewallRuleEntry:
     type: object
@@ -3359,4 +3363,4 @@ definitions:
       retryCount:
         type: integer
         format: uint8
-        description: Retry Count to detect failure      
\ No newline at end of file
+        description: Retry Count to detect failure
diff --git a/common/common.go b/common/common.go
index 96915cd6..dde275cb 100644
--- a/common/common.go
+++ b/common/common.go
@@ -398,6 +398,8 @@ type FwOptArg struct {
 	Allow bool `json:"allow"`
 	// Mark - Mark the matching rule
 	Mark uint32 `json:"fwMark"`
+	// Counter - Traffic counter
+	Counter string `json:"counter"`
 }
 
 // FwRuleArg - Information related to firewall rule
diff --git a/loxinet/rules.go b/loxinet/rules.go
index a034239e..3e1351e0 100644
--- a/loxinet/rules.go
+++ b/loxinet/rules.go
@@ -1584,6 +1584,9 @@ func (R *RuleH) GetFwRule() ([]cmn.FwRuleMod, error) {
 		ret.Opts.Mark = fwOpts.opt.fwMark
 		ret.Opts.Record = fwOpts.opt.record
 
+		data.Fw2DP(DpStatsGetImm)
+		ret.Opts.Counter = fmt.Sprintf("%v:%v", data.stat.packets, data.stat.bytes)
+
 		// Make FwRule
 		res = append(res, ret)
 	}
@@ -2417,6 +2420,22 @@ func (r *ruleEnt) Nat2DP(work DpWorkT) int {
 // Fw2DP - Sync state of fw-rule entity to data-path
 func (r *ruleEnt) Fw2DP(work DpWorkT) int {
 
+	if work == DpStatsGet || work == DpStatsGetImm {
+		nStat := new(StatDpWorkQ)
+		nStat.Work = work
+		nStat.Mark = uint32(r.ruleNum)
+		nStat.Name = MapNameFw4
+		nStat.Bytes = &r.stat.bytes
+		nStat.Packets = &r.stat.packets
+
+		if work != DpStatsGetImm {
+			mh.dp.ToDpCh <- nStat
+		} else {
+			DpWorkSingle(mh.dp, nStat)
+		}
+		return 0
+	}
+
 	nWork := new(FwDpWorkQ)
 
 	nWork.Work = work