Netfilter icon



Plugin: nfacct.plugin Module: nfacct.plugin


Monitor Netfilter metrics for optimal packet filtering and manipulation. Keep tabs on packet counts, dropped packets, and error rates to secure network operations.

Netdata uses libmnl ( to collect information.

This collector is supported on all platforms.

This collector supports collecting metrics from multiple instances of this integration, including remote instances.

This plugin needs setuid.

Default Behavior


This plugin uses socket to connect with netfilter to collect data


The default configuration for this integration does not impose any limits on data collection.

Performance Impact

The default configuration for this integration is not expected to impose a significant performance impact on the system.



Install required packages

Install libmnl-dev and libnetfilter-acct-dev using the package manager of your system.



The configuration file name for this integration is netdata.conf. Configuration for this specific integration is located in the [plugin:nfacct] section within that file.

The file format is a modified INI syntax. The general structure is:

    option1 = some value
    option2 = some other value

    option3 = some third value

You can edit the configuration file using the edit-config script from the Netdata config directory.

cd /etc/netdata 2>/dev/null || cd /opt/netdata/etc/netdata
sudo ./edit-config netdata.conf


Name Description Default Required
update every Data collection frequency. 1 False
command options Additinal parameters for collector False


There are no configuration examples.


Metrics grouped by scope.

The scope defines the instance that the metric belongs to. An instance is uniquely identified by a set of labels.

Per Netfilter instance

This scope has no labels.


Metric Dimensions Unit
netfilter.netlink_new new, ignore, invalid connections/s
netfilter.netlink_changes insert, delete, delete_list changes/s
netfilter.netlink_search searched, search_restart, found searches/s
netfilter.netlink_errors icmp_error, insert_failed, drop, early_drop events/s
netfilter.netlink_expect created, deleted, new expectations/s
netfilter.nfacct_packets a dimension per nfacct object packets/s
netfilter.nfacct_bytes a dimension per nfacct object kilobytes/s


There are no alerts configured by default for this integration.

Get Netdata

Sign up for free

Want to see a demonstration of Netdata for multiple use cases?

Go to Live Demo