Editing the pf ruleset¶
The PF rules generated by the pfSense® firewall configuration may be found in /tmp/rules.debug. However that file cannot be edited to make persistent changes - it will be overwritten.
There is virtually never a need to manually edit the rules generated by the GUI. In most cases if it appears to be necessary, something is being configured incorrectly. Between the typical interface rules and floating rules there are few cases
If the generated rules truly must be edited, then editing /etc/inc/filter.inc which generates the ruleset is necessary.