1*57718be8SEnji Cooperpass in on ed0 proto tcp from localhost to localhost port = telnet keep state 2*57718be8SEnji Cooperblock in log first on lo0 proto tcp/udp from any to any port = echo keep state 3*57718be8SEnji Cooperpass in proto udp from localhost to localhost port = 20499 keep frag 4*57718be8SEnji Cooperpass in proto udp from localhost to localhost port = 2049 keep frag(strict) 5*57718be8SEnji Cooperpass in proto udp from localhost to localhost port = 53 keep state keep frags 6*57718be8SEnji Cooperpass in on ed0 out-via vx0 proto udp from any to any keep state 7*57718be8SEnji Cooperpass out on ppp0 in-via le0 proto tcp from any to any keep state 8*57718be8SEnji Cooperpass in on ed0,vx0 out-via vx0,ed0 proto udp from any to any keep state 9*57718be8SEnji Cooperpass in proto tcp from any port gt 1024 to localhost port eq 1024 keep state 10*57718be8SEnji Cooperpass in proto tcp all flags S keep state(strict,newisn,no-icmp-err,limit 101,age 600) 11*57718be8SEnji Cooperpass in proto tcp all flags S keep state(loose,newisn,no-icmp-err,limit 101,age 600) 12*57718be8SEnji Cooperpass in proto udp all keep state(age 10/20,sync) 13