Floating rules set to match and LAN rules
-
I'm trying to force traffic to queues.
What happens to a floating rule that matches with quick match set? The packet is neither rejected or passed at this point, when the LAN rule is evaluated and matched, is the packet sent to the queue specified in the LAN rule?
Or is the queue fields in the LAN rule a field that needs to match in order for packets to match the LAN rule, it's a bit confusing as its in the same section as TCP Flags and OS etc.
pfsense 2.3
-
https://doc.pfsense.org/index.php/Firewall_Rule_Processing_Order
The tl;dr version of user-defined rule processing is:
Rules defined on the floating tab are processed first
Rules defined on interface group tabs (Including OpenVPN) are processed
Rules defined on interface tabs (WAN, LAN, OPTx, etc) are processed lastAnd remember, PFSense doesn't look at "packets", it only looks at the first packet. All subsequent packets for a flow are not evaluated.