Transparent Proxy Bypass on Schedule

Started by Algol, April 19, 2021, 05:19:04 AM

I have configured an OPNsense firewall with the transparent proxy functionality, by following the documentation.
This is working as expected.
I was asked to disable proxy filtering based on a schedule, as they want to allow unfiltered access to the internet during lunch hours.

I have not been able to get this to work by doing a manual filter rule association from the NAT Port-Forward rule used for the transparent proxy with a firewall rule with a schedule.

It seems that the NAT rules are applied before the filter/regular rules. So in the logs I still see source IPs as 127.0.0.1, which is what the NAT port redirect rule is doing.

Are NAT rules applied before any other rules?
Is there a way to disable/enable NAT rules based on a schedule?
Am I missing something or misunderstanding how this is supposed to work?

Thanks in advance for any help.



Quote: It seems that the NAT rules are applied before the filter/regular rules
Yes, that is right. That's how pf works.
Quote: Is there a way to disable/enable NAT rules based on a schedule?
I think you can try to do this not by switching the translation rules, but by applying the time ACL in Squid:
https://wiki.squid-cache.org/SquidFaq/SquidAcl#How_can_I_allow_some_clients_to_use_the_cache_at_specific_times.3F
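
The time-ACL approach suggested in the reply above, as an added example (not part of the original thread and not OPNsense's generated configuration). It is a plain squid.conf fragment; the ACL names `lan_clients`, `lunch` and `blocked_sites`, the subnet, the hours and the blocklist path are all assumed placeholders.

```conf
# Added example for a plain squid.conf; names, subnet, hours and path are placeholders.

# Clients that the NAT port-forward rule redirects to the proxy.
acl lan_clients src 192.168.1.0/24

# Squid time ACL. Day letters: M T W H F = Monday..Friday (H is Thursday).
# The range is checked against the proxy host's local clock, and the start
# time must be earlier than the end time, so one ACL cannot span midnight.
acl lunch time MTWHF 12:00-13:00

# Destinations that are filtered outside the lunch window, one domain per line.
acl blocked_sites dstdomain "/path/to/blocked_sites.txt"

# http_access is evaluated top-down and the first matching line wins;
# ACLs listed on the same line are ANDed together.

# 1. During lunch, LAN clients skip the blocklist. Scoping the rule to
#    lan_clients keeps the window from allowing any other source.
http_access allow lan_clients lunch

# 2. Outside the window the blocklist applies.
http_access deny blocked_sites

# 3. Normal access for the LAN, nothing for anyone else.
http_access allow lan_clients
http_access deny all
```

The NAT redirect stays in place the whole time, so lunch-hour requests still pass through Squid and appear in its access log; only the filtering decision changes. `squid -k parse` checks the syntax before the configuration is reloaded.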