diff --git a/go-controller/pkg/metrics/master.go b/go-controller/pkg/metrics/master.go
index 2bfc4f9abb9..beda0bdfc68 100644
--- a/go-controller/pkg/metrics/master.go
+++ b/go-controller/pkg/metrics/master.go
@@ -163,6 +163,13 @@ var metricEgressIPCount = prometheus.NewGauge(prometheus.GaugeOpts{
 	Help:      "The number of defined egress IP addresses",
 })
 
+var metricEgressFirewallRuleCount = prometheus.NewGauge(prometheus.GaugeOpts{
+	Namespace: MetricOvnNamespace,
+	Subsystem: MetricOvnkubeSubsystemMaster,
+	Name:      "num_egress_firewall_rules",
+	Help:      "The number of egress firewall rules defined"},
+)
+
 var registerMasterMetricsOnce sync.Once
 var startE2ETimeStampUpdaterOnce sync.Once
 
@@ -238,6 +245,7 @@ func RegisterMasterMetrics(nbClient, sbClient goovn.Client) {
 		prometheus.MustRegister(metricV4AllocatedHostSubnetCount)
 		prometheus.MustRegister(metricV6AllocatedHostSubnetCount)
 		prometheus.MustRegister(metricEgressIPCount)
+		prometheus.MustRegister(metricEgressFirewallRuleCount)
 		registerWorkqueueMetrics(MetricOvnkubeNamespace, MetricOvnkubeSubsystemMaster)
 	})
 }
@@ -314,3 +322,8 @@ func RecordSubnetCount(v4SubnetCount, v6SubnetCount float64) {
 func RecordEgressIPCount(count float64) {
 	metricEgressIPCount.Set(count)
 }
+
+// UpdateEgressFirewallRuleCount records the number of Egress firewall rules.
+func UpdateEgressFirewallRuleCount(count float64) {
+	metricEgressFirewallRuleCount.Add(count)
+}
diff --git a/go-controller/pkg/ovn/ovn.go b/go-controller/pkg/ovn/ovn.go
index 57e88707851..cc118fdaef8 100644
--- a/go-controller/pkg/ovn/ovn.go
+++ b/go-controller/pkg/ovn/ovn.go
@@ -753,6 +753,7 @@ func (oc *Controller) WatchEgressFirewall() *factory.Handler {
 			if err != nil {
 				klog.Error(err)
 			}
+			metrics.UpdateEgressFirewallRuleCount(float64(len(egressFirewall.Spec.Egress)))
 		},
 		UpdateFunc: func(old, newer interface{}) {
 			newEgressFirewall := newer.(*egressfirewall.EgressFirewall).DeepCopy()
@@ -777,6 +778,7 @@ func (oc *Controller) WatchEgressFirewall() *factory.Handler {
 				if err != nil {
 					klog.Error(err)
 				}
+				metrics.UpdateEgressFirewallRuleCount(float64(len(newEgressFirewall.Spec.Egress) - len(oldEgressFirewall.Spec.Egress)))
 			}
 		},
 		DeleteFunc: func(obj interface{}) {
@@ -791,6 +793,7 @@ func (oc *Controller) WatchEgressFirewall() *factory.Handler {
 			if err != nil {
 				klog.Errorf("Failed to commit db changes for egressFirewall in namespace %s stdout: %q, stderr: %q, err: %+v", egressFirewall.Namespace, stdout, stderr, err)
 			}
+			metrics.UpdateEgressFirewallRuleCount(float64(-len(egressFirewall.Spec.Egress)))
 		},
 	}, oc.syncEgressFirewall)
 }