Same rule for outbound traffic on WAN and LAN - logs action only on WAN intfc
kpiq (Newbie, Posts: 30, Karma: 3)
Posted on: October 24, 2022, 07:00:49 pm
Greetings,
System Information:
  Name:     xxxxxxx.lan
  Versions: OPNsense 22.7.6-amd64
            FreeBSD 13.1-RELEASE-p2
            OpenSSL 1.1.1q 5 Jul 2022
  CPU type: Intel(R) Core(TM) i7-8705G CPU @ 3.10GHz (4 cores, 8 threads)
I had an outbound rule for rejecting traffic to certain countries on the WAN interface and noticed that the Live View log would not tell me the IP address of the LAN device that initiated the traffic. Then I thought to clone the same rule on the LAN interface in hopes that the log would finally let me see which internal device was originating the traffic.
To my surprise, only the WAN rule is logging an action. The LAN rule (it's actually an Interface Group rule where the group name is uIGLAN) is at the top of the chain, I applied it and everything looks good, I think.
Would you look at the rule (see attachment) and help me figure out why my LAN rule is not rejecting the traffic?
Regards...
UPDATE...
I removed the WAN and LAN rules mentioned above and created one floating rule that includes all the interfaces in my firewall. Same parameters, reject outbound, from "any" to the country-block ALIAS. Only the WAN interface logs an action rejecting the outbound traffic. Shouldn't the LAN interface reject it first? What's going on?
Last Edit: October 24, 2022, 08:07:15 pm by kpiq
sja1440 (Jr. Member, Posts: 86, Karma: 6)
Reply #1 on: November 01, 2022, 07:53:46 am
From your picture it seems that the rule on the LAN interface (UIGLAN) is set to fire only for outgoing traffic.
I think that you need it to fire for traffic that is incoming on the UIGLAN interface.
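As an added illustration of the reply above (this is not either poster's configuration, and not the ruleset OPNsense generates from the GUI), here are the same rules in raw pf syntax, which is what OPNsense compiles its rules into. The interface names `lan` and `wan`, the table name `<geo_block>`, the table file path and the LAN prefix 192.168.1.0/24 are assumptions for the example. Two pf properties explain both symptoms in the first post: direction is always relative to the interface the packet is crossing, so a packet from a LAN host is `in` on `lan` and `out` on `wan` and an `out` rule on `lan` (or on a group containing it) never matches it; and pf applies NAT before outbound filtering, so an `out` rule on `wan` only ever sees the translated source address, which is why the Live View showed no LAN client IP.

```pf
# Example only (assumed names): interfaces 'lan' and 'wan', table <geo_block>
# populated from the country alias, LAN prefix 192.168.1.0/24, file path assumed.
table <geo_block> persist file "/usr/local/etc/geo_block.txt"

# Outbound NAT runs before outbound filter rules, so anything matched
# 'out on wan' below already carries the WAN address as its source.
nat on wan from 192.168.1.0/24 to any -> (wan)

# WRONG: never matches. Traffic from a LAN host enters the firewall 'in' on
# lan; it is only ever 'out' on wan. This is the cloned LAN/uIGLAN rule.
block return out log quick on lan from any to <geo_block>

# Matches, but the logged source is the post-NAT WAN IP, not the client.
block return out log quick on wan from any to <geo_block>

# RIGHT: stop the packet where it enters, while its real source is intact.
block return in log quick on lan from 192.168.1.0/24 to <geo_block>
```

In the OPNsense GUI the equivalent change is setting Direction to "in" on the uIGLAN (or floating) rule; a floating rule with direction "out" behaves exactly like the second rule above and will only ever log on WAN. To confirm what is actually loaded, list the compiled rules with `pfctl -vsr` and watch the hits, with the rule's interface and direction, via `tcpdump -nei pflog0`.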