i think you never see blocked connection in datapath because are "blocked",
you can see firewall hits counters
maybe you can see somethin in syslog if you enable it and creade a block rule with log flag in firewall if you want to see discarded connection details
for example this is my blocked session log
"Jan 18 09:33:00 :124006: <WARN> |authmgr| {24} ICMP srcip=192.168.0.100 dstip=192.168.1.128, type=8, code=0, sequence=2091, id=8214, action=deny, role=Ospiti-guest-logon, policy=bloccaspoof