1pass in all 2pass in from any to any 3 4block in proto tcp from any to any flags FUPEW/FSRPAUEW 5block in proto tcp from any to any flags SF/SFRA 6block in proto tcp from any to any flags /SFRAW 7 8pass in proto { udp, icmp, tcp } from any to any flags S/SA 9pass in from any to any flags S/SA no state 10pass in from any to any flags any no state 11pass in from any to any flags any 12pass in from any to any keep state 13pass in from any to any 14