pass out quick on lo0 all
pass out quick on xl0 all
pass out quick on dc0 proto tcp from any to any port = http flags S/FSRPAU keep state
pass out quick on dc0 proto tcp from any to any port = https flags S/FSRPAU keep state
pass out quick on dc0 proto tcp from any to any port = pop3 flags S/FSRPAU keep state
pass out quick on dc0 proto tcp from any to any port = smtp flags S/FSRPAU keep state
pass out quick on dc0 proto tcp from any to any port = time flags S/FSRPAU keep state
pass out quick on d0c0 proto tcp from any to any port = ftp flags S/FSRPAU keep state
pass out quick on dc0 proto tcp from any to any port = ssh flags S/FSRPAU keep state
pass out quick on dc0 inet proto icmp from any to any icmp-type echo keep state
block out log first quick on dc0 all
pass in quick on lo0 all
pass in quick on xl0 all
block in quick on dc0 inet from 192.168.0.0/16 to any
block in quick on dc0 inet from 172.16.0.0/12 to any
block in quick on dc0 inet from 10.0.0.0/8 to any
block in quick on dc0 inet from 127.0.0.0/8 to any
block in quick on dc0 inet from 0.0.0.0/8 to any
block in quick on dc0 inet from 169.254.0.0/16 to any
block in quick on dc0 inet from 192.0.2.0/24 to any
block in quick on dc0 inet from 204.152.64.0/23 to any
block in quick on dc0 inet from 224.0.0.0/3 to any
block in quick on dc0 from any to any with frag
block in quick on dc0 proto tcp from any to any with short
block in quick on dc0 inet from any to any with opt lsrr
block in quick on dc0 inet from any to any with opt ssrr
block in log first quick on dc0 proto tcp from any to any flags FPU/FSRPAU
block in quick on dc0 from any to any with ipopts
block in quick on dc0 inet proto icmp from any to any icmp-type echo
block in quick on dc0 proto tcp from any to any port = auth
block in log first quick on dc0 proto tcp/udp from any to any port = netbios-ns
block in log first quick on dc0 proto tcp/udp from any to any port = netbios-dgm
block in log first quick on dc0 proto tcp/udp from any to any port = netbios-ssn
block in log first quick on dc0 proto tcp/udp from any to any port = 81
block in log first quick on dc0 all