Firewall Rule Hit Counter / Connection Logging

 
2
Votes

Firewall Rule Hit Counter / Connection Logging

Firewall Rule Hit Counter / Connection Logging
Firewall Rule Hit Counter / Connection Logging
Sunday
Tags: #Firewall
Model: OC300
Hardware Version: V1
Firmware Version: 1.34.18 Build 20260506 Rel.79284

It would be highly beneficial to have at least a hit counter for port forwarding/firewall policies to know how often a specific rule is being utilized. This visibility would greatly assist in hardening and narrowing down firewall rules.
My specific use case: I have a static public IP address with a subdomain pointed to it via Cloudflare, where I've set up a rule restricting access to that subdomain exclusively to my own IP. On the gateway side (ER7412-M2 / ER605), I have to configure a port forwarding rule to allow traffic coming from Cloudflare (selected Cloudflare IP ranges) to port 443 of a specific host in my LAN (NAS and Docker application).

Right now, I want to verify if only my actual traffic is being passed through, or if the Cloudflare IP range is too broad, allowing other traffic to hit my rules even when there is no activity from my personal IP. A quick insight, such as a rule hit counter (showing allowed queries) to see how tight the rule actually is, would be incredibly helpful. Furthermore, having a dedicated log for these hits would be an amazing feature.
While Cloudflare Zero Trust tunneling (feature request here: https://community.tp-link.com/en/business/forum/topic/602870?moduleId=4) somewhat solves the problem of tightening access, my request represents the absolute minimum required to manage network security independently, without relying on third-party, commercial SaaS solutions like Cloudflare Zero Trust. Therefore, this feature request remains highly relevant and justified.

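Until the gateway offers per-rule hit counters, the same question ("is only my traffic arriving, and does all of it really come via Cloudflare?") can be answered on the LAN host that the port-forward targets, by counting what its reverse proxy logs. The following script is an added example, not code from the original poster or from TP-Link/Omada. It assumes an nginx-style access log in which the value of the CF-Connecting-IP header has been appended as the last quoted field, a hypothetical own address of 203.0.113.7, and a small snapshot subset of Cloudflare's published IPv4 ranges (the authoritative list is at https://www.cloudflare.com/ips/ and must be checked before relying on it). The sample log lines are constructed for the example.

```python
import ipaddress
import re
from collections import Counter

# ASSUMPTION: a snapshot subset of Cloudflare's published IPv4 ranges.
# Refresh from https://www.cloudflare.com/ips/ before using this for real.
CLOUDFLARE_RANGES = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
)]

# ASSUMPTION: nginx-style log with $http_cf_connecting_ip appended as the
# last quoted field; adjust LOG_RE to the real proxy's log_format.
LOG_RE = re.compile(
    r'^(?P<remote>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<cf_ip>[^"]*)"$'
)

# Constructed sample: two own hits via Cloudflare, one foreign client via
# Cloudflare, one direct hit that spoofs the CF-Connecting-IP header, and
# one unparseable line.
SAMPLE_LOG = """\
173.245.48.10 - - [12/May/2026:10:01:02 +0200] "GET /login HTTP/1.1" 200 512 "203.0.113.7"
104.16.1.2 - - [12/May/2026:10:02:15 +0200] "GET /login HTTP/1.1" 200 512 "203.0.113.7"
104.24.3.4 - - [12/May/2026:10:05:41 +0200] "GET /admin HTTP/1.1" 401 0 "198.51.100.44"
192.0.2.55 - - [12/May/2026:10:07:09 +0200] "GET / HTTP/1.1" 200 120 "203.0.113.7"
garbage line that does not match the log format
"""

OWN_IP = "203.0.113.7"  # ASSUMPTION: placeholder for the poster's static IP


def in_cloudflare(ip):
    """True if ip falls inside one of the configured Cloudflare ranges."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in CLOUDFLARE_RANGES)


def analyse(lines, own_ip):
    """Count hits by origin class; acts as a per-rule hit counter on the host."""
    summary = {
        "parsed": 0,
        "unparsed": 0,
        "own_via_cloudflare": 0,
        # real client address (CF-Connecting-IP) -> hits, only for peers in CF ranges
        "others_via_cloudflare": Counter(),
        # TCP peer not in Cloudflare ranges -> hits; the rule is wider than intended
        "direct": Counter(),
    }
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            summary["unparsed"] += 1
            continue
        summary["parsed"] += 1
        remote = m.group("remote")
        if not in_cloudflare(remote):
            # The header is client-controlled; it is only trustworthy when the
            # TCP peer is Cloudflare itself, so a direct hit is classified by
            # its peer address regardless of what CF-Connecting-IP claims.
            summary["direct"][remote] += 1
            continue
        client = m.group("cf_ip") or "-"
        if client == own_ip:
            summary["own_via_cloudflare"] += 1
        else:
            summary["others_via_cloudflare"][client] += 1
    return summary


def report(summary):
    """Render the summary as the short hit-counter view the post asks for."""
    out = [
        f"parsed={summary['parsed']} unparsed={summary['unparsed']}",
        f"own traffic via Cloudflare: {summary['own_via_cloudflare']}",
    ]
    for ip, n in summary["others_via_cloudflare"].most_common():
        out.append(f"OTHER client via Cloudflare: {ip} ({n} hits)")
    for ip, n in summary["direct"].most_common():
        out.append(f"DIRECT hit bypassing Cloudflare: {ip} ({n} hits)")
    return "\n".join(out)


if __name__ == "__main__":
    print(report(analyse(SAMPLE_LOG.splitlines(), OWN_IP)))
```

Any entry under "DIRECT" means the port-forward accepted a peer outside the Cloudflare ranges, so the rule's source restriction is broader than intended; any entry under "OTHER client via Cloudflare" means Cloudflare relayed a request from an address other than the expected one, so the Cloudflare-side access rule is not doing its job. Running this against real proxy logs with `analyse(open(path), OWN_IP)` gives the tightness check the post describes, at the cost of doing it on the host instead of the gateway.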