1anchor on tun1000000 all { 2 anchor "foo" out all { 3 pass proto tcp from any to any port = 1234 flags S/SA keep state 4 anchor proto tcp from any to any port = 2413 user = 0 label "foo" { 5 block drop all 6 pass inet from 127.0.0.1 to any flags S/SA keep state 7 } 8 } 9 pass in proto tcp from any to any port = 1234 flags S/SA keep state 10} 11