Netgate is offering COVID-19 aid for pfSense software users, learn more.

Editing the pf ruleset

The PF rules generated by the pfSense® firewall configuration may be found in /tmp/rules.debug. However that file cannot be edited to make persistent changes - it will be overwritten.

There is virtually never a need to manually edit the rules generated by the GUI. In most cases if it appears to be necessary, something is being configured incorrectly. Between the typical interface rules and floating rules there are few cases

If the generated rules truly must be edited, then editing /etc/inc/ which generates the ruleset is necessary.