OPNsense Forum

Hi,

I apologize if this has been asked already.  I did a search and didn't find anything that answered my question.

I'm testing the new 26.1.2 release.  As part of the rule migration assistant, the last step is to perform the "Remove all legacy rules" action.

I've imported the rules and compared what's listed under "Rules" vs "Rules [New]" and I don't see anything missing/different.  Beyond that, what other validation checks should I perform before I proceed with the last step of removing legacy rules?  

I assume "Remove all legacy rules" will clear out any rules seen under under Firewall > Rules.

Thanks

If you are on ZFS you can take a system snapshot before deleting the legacy rules (ideally take one before the import step as well, but you are already past that).

Maybe do another export from "Firewall->Rules [new]" after the migration and compare the two .csv files if you really want to?

Quote from: kwo1 on March 24, 2026, 11:20:01 PMI assume "Remove all legacy rules" will clear out any rules seen under under Firewall > Rules.

Indeed, though don't expect the legacy rules UI to not show anything afterward.  This part has caused some confusion.

What you will see is that each of the sections in the legacy UI will be blank in terms of the rules that would have been managed from there, but you will still see folders for the rules on other levels.  Some have speculated that those are leftover legacy rules or somehow redundant with the ones imported to the new UI, but they aren't.

So for example if you click on an interface in the legacy UI, there won't be any interface level rules there.  However the Floating, Group, and Automatic rules will still show up:

interface-level-legacy.png

They're just being reflected there because they still exist as rules, regardless of which UI (legacy or new) they reside in.

Hope this helps.