What is the meaning of the "Quick" option:
-
What is the meaning of the Quick Option in the Floating rules? And in which purposes i have to use the Floating rules?
The reason for my question is that i have configured CARP on my pfSense Firewallcluster and i can ping the "non CARP" LAN interfaces of the 2 machines but not the shared interface from the LAN. Since the Floating rules can be used for all interfaces i decided to create Rules for diagnostic purpuses (ICMP rules from and to several networks) into this container for a quick overview.
When i create a rule which passes ICMP traffik to the shared interface it only works when i enable the "Quick" option, if i disable the option no ICMP requests are answered. -
quick means that the firewall will stop processing rules when it hits a match. If you don't use quick, it's last-match-wins instead of first-match-wins.
All of the rules on normal interfaces (wan, lan, etc) have quick enabled internally by pfSense.
Floating rules can be used to control how traffic is allowed to leave the firewall itself (though if it matches a rule on any other interface, it would be bypassed because it would already have an existing state).
Pretty much "If you don't know what they do, you probably don't need them" :-)
There is no reason you should need floating rules to do what you are talking about. A pass rule for ICMP on the normal interface rules should suffice. If you really want to allow it in on all interfaces, an Interface Group would be more appropriate, though a floating rule may get the job done.
