Rules processing order



  • Hello,

    I am playing with the pfSense 2.0 release and have been reading about the floating rules. A few questions keep popping up:

    Pages 141 and 142 of the pfSense book show the order of rules (and NAT and tcpdump): LAN firewall rules are applied on sessions initiated from the LAN side and WAN rules are applied on sessions initiated from the WAN side. With floating rules, how has the order been changed?

    For example: if I have LAN rules and floating rules controlling sessions from the LAN, which rules get processed first? Does that mean that if there are no floating rules at all, the default floating rule policy is "pass"?

    –jason



  • Floating rules come before the interface rules. It's otherwise all the same as covered in the book.

