Interface-Perspective | Ingress-Egress | Inbound-Outbound

MrD

Hello,

I have read /watched/listened a lot about floating rules, interface rules. I feel I do not fully understand Ingress-Egress | Inbound-Outbound |Interface-Perspective…

Here is a scheme of my understanding at this point. Do you think it is correct ?

1. Talking about Ingress-Egress | Inbound-Outbound :
   Ingress = Inbound
   Egress = Outbound
   Is this point OK/Acceptable for you ?

2. traffic shapper rules do apply on PF Interface Out | Egress-Outbound
   See sketch Traffic Shaping Rules Basic
   

3. Interface rule do apply on PF interface In | Ingress-Inbound
   See sketch Firewall / Interface Rules Basic
   

4. Firewall perspective do not really exist. You can’t apply a rule on the firewall interface. You only apply rules on interface like WAN, LAN, VLAN…
   In many readings or videos, firewall perspective and interface perspective is foggy. Sometimes So it is difficult to understand that upload rule is applied on « In » oft the LAN. It’s getting worst when talking about LAN perspective… it would be more precise to talk only about firewall perspective. LAN interface connected to firewall but on firewall perspective.
   See Traffic Shaping Rules Ext or Firewall / Interface Rules Ext
   
   

As you see, in my drawing, there are an In and Out interface adjoined one on PF and one on the interface (WAN or LAN or VLAN…)
So for example a download traffic can be summurized like :
WAN interface Out
PF interface In
PF Interface Out
LAN interface In

I know « PF interface In » and « PF interface Out » do not really exist. It is more « WAN interface Out » On firewall perspective or « LAN interface In » on firewall perspective…

Do you agree with this overall observation ? Would you summurize it another way ?

Thanks for your ideas, questions, informations... curious about exchange!