Error while moving firewall policy

You get that error if you try to move a policy in relation to an ID from another grouping. For example, moving a policy from Wan->Lan to Lan->Wan.

you try to move your policy by it' s ID. but in 4.3 by default the Firewall Policy page shows the policy order on the left side. (Column Name " Seq.#" ) You need to enable the " ID" column in the column settings to see where to really move the policy.

Yes that is annoying. I can see why the sequence number is useful but dropping the policy ID in favour of it is not helpful. I was filtering logs for traffic by what I thought was the policy ID. It was instead the sequence number. Took some head scratching to work that out.

I can confirm that I am using the Policy ID and not the sequence number. Before the upgrade I could move policies in any order irrespective of the interface pair above or below it. Now when I try to move policies below or above a policy ID using a different interface pair it' s throwing an error: Moving a policy from one interface/zone pair to a different interface/zone pair is not permitted But it doesn' t make sense as I am not trying to edit the policy and change the interface pair. I am just changing the rule location!!

It is a bug... I have had the same issue since 4.3.2. From what I know it only happens when you have one or more policies that use the " any" interface. You should be able to move the policy from the CLI. This is my only work around right now.

Thanks for that. We have figured that out. The secion views are disabled once you have an any interface in one of the rules