I upgraded to 26.1. Both the upgrade and rule export/import went without a hitch.
Following the upgrade, all the NAT rules had been switched to 'Manual'. My previously linked NAT fw rules were successfully imported along with everything else. I then disabled all the old rules.
I tried switching some destination NAT rules to the 'Register rule' option. The resulting rules (quick) are visible under the new rules Inspect pane, at the bottom of the list.
Do they therefore run after all other quick rules and before all non-quick rules?
The registered DNAT rules have the lowest priority group (50000).
https://github.com/opnsense/core/blob/e0f0cbf922ff8ddf688362b78c5bc151f5ff20f3/src/etc/inc/filter.lib.inc#L664
All other priority groups are evaluated before them.
https://docs.opnsense.org/manual/firewall.html#processing-order
40000 are interface groups.
So all (quick) rules (floating, group, interface) come before the 50000 rules at the end of the ruleset.
Quote from: Monviech (Cedrik) on Today at 05:25:06 PMSo all rules (floating, group, interface) come before the NAT rules at the end of the ruleset.
Thanks @Monviech. I am still exploring but I think I will stick with the Manual option in that case. The other benefit being the rule is visible in the edit pane.