Statistics Via Labels

label creates counters for statistics

pass log proto { tcp, udp } to $emailserver port smtp \
     label "mail-in"
pass log proto { tcp, udp } from $emailserver to port smtp \
     label "mail-out"

shows up with pfctl -vs rules, human readable:

$ pfctl -vs rules
pass inet proto tcp from any to 192.0.2.225 port = smtp flags S/SA keep state label "mail-in"
[ Evaluations: 1664158 Packets: 1601986 Bytes: 763762591 States: 0 ]
[ Inserted: uid 0 pid 24490 ]
pass inet proto tcp from 192.0.2.225 to any port = smtp flags S/SA keep state label "mail-out"
[ Evaluations: 2814933 Packets: 2711211 Bytes: 492510664 States: 0 ]
[ Inserted: uid 0 pid 24490 ] 

or to feed to a script:

$ sudo pfctl -vsl
mail-in 1664158 1601986 763762591 887895 682427415 714091 81335176
mail-out 2814933 2711211 492510664 1407278 239776267 1303933 252734397

label, evaluations, packets passed, bytes passed, packets in, bytes in, packets out, bytes out