Using Action: Match for Gateway

  • I would like to be able to assign a gateway without specifying whether the traffic is passed or blocked.

    So I tried creating a floating rule with the action of Match and it appears that doing so doesn't even create the "route-to" part. To confirm I ran the command pfctl -s rules and the gateway (route-to) setting doesn't even appear when using Match.

    Is this a bug in pfSense, or is there truly no way to do what I'm attempting here.

  • Rebel Alliance Developer Netgate

    The match action is primarily for traffic shaping/queuing and won't do what you want.

    You can only use a gateway on pass rules, so it really only makes sense to assign a gateway when allowing traffic into the firewall in nearly all cases.

    What is it that you believe will be easier to accomplish using this kind of technique?

  • Ok thanks for the clarification. I just wanted to keep things simpler, and only have to set/manage that rule in one place instead of for each pass rule.

Log in to reply