Firewall rules are applied in the order in which they exist in the rule table.
About this task
Rules are displayed (and enforced) in the following order:
User-defined pre rules have the highest priority and are enforced in top-to-bottom ordering with a per-virtual NIC level precedence.
Local rules defined at an NSX Edge level.
Service Composer rules - a separate section for each policy. You cannot edit these rules in the Firewall table, but you can add rules at the top of a security policy firewall rules section. If you do so, you must re-synchronize the rules in Service Composer. For more information, see Service Composer.
Default Distributed Firewall rule
You can move a custom rule up or down in the table. The default rule is always at the bottom of the table and cannot be moved.
- In the Firewall tab, select the rule that you want to move.
- Click the Move rule up () or Move rule down () icon.
- Click Publish Changes.