How to make a Floating Rule to actually match for Traffic Shaping

  • When making floating rules for traffic shaping from what point of view are all the in / out references meaning? Also which interface should be selected? Plus how does this relate to Source and Destination fields?

    For example we want to set up a default catch all rule for our guest network

    When a guest is uploading content to the internet and packets are arriving in to the LAN2 interface, going through pfSense and out of the WAN_Main interface (part of the WAN_Group), I would expect the following to be the case, but a rule with these settings it does not work

    • Interface: WAN_Group
    • Direction: out
    • Source: LAN2 net
    • Destination: Any

    In desperation we tried to make 2 rules to match anything, but it this doesn't work either

    • Interfaces: WAN_Group, WAN_Main, WAN_Backup, LAN2
    • Direction: any
    • Source in 1 rule, Destination in the other: LAN2 net
    • Dest / Src oposite of the above: any

    Also how do we then apply these ideas with traffic originating from or going to pfSense, such as an OpenVPN client in pfSense? Then on the Status / Queues page how does the above match up to these numbers?

    Coming from someone who has used QoS on zeroshell extensively I'm missing some key point, and am finding the documentation ambiguous.

    Edit: When I say it doesn't work, I mean that it doesn't match the traffic and put the traffic in the appropriate queue. Traffic remains in the default queue instead.