Active Gateway (from a group) dependent rules



  • Is it possible to set up firewall rules that are dependent on which gateway from a gateway group is the active gateway? If so, how?

    Use case: We have a multi-wan setup. WAN1 and WAN2 are reasonably high speed but WAN3 is a 4G router and is quite slow. WAN3 is the 3rd tier in the gateway group. In an emergency situation where we are actively using WAN3, I want to be able to block all non-essential traffic.

    For now, I've set up some rules that are normally disabled and can enable them when I know that we've failed over to WAN3, but I'd like that to be automatic. Ideally I'd like the active gateway to be a criteria on the rule, but that option doesn't existing (that I can see).