convert automatic rules to manual ones

[Byter09]

I was unsure if this belongs in https://github.com/crowdsecurity/opnsense-plugin-crowdsec/issues/22 but I guess its a different topic, so I'm opening a new issue.

I have been playing around with the idea of "catching" banned IPs and if they're trying to access SSH for example, I'd love to reroute them to a SSH tarpit. Sadly, because of where the automatic firewall rules are created, this is impossible.

The only thing one can do now before the connection is dropped is NAT routing, which doesn't help reach this goal.

Is there a way to convert those automatic rules to manual ones? Or, even better, is it possible to move these automatic rules from floating to WAN for example? That way I can use floating (as it gets evaluated first) to redirect them to a SSH tarpit.