1*bc4097aaSchristos# $NetBSD: example.3,v 1.1.1.1 2012/03/23 21:20:15 christos Exp $ 2*bc4097aaSchristos# 3*bc4097aaSchristos# block all inbound packets. 4*bc4097aaSchristos# 5*bc4097aaSchristosblock in from any to any 6*bc4097aaSchristos# 7*bc4097aaSchristos# pass through packets to and from localhost. 8*bc4097aaSchristos# 9*bc4097aaSchristospass in from 127.0.0.1/32 to 127.0.0.1/32 10*bc4097aaSchristos# 11*bc4097aaSchristos# allow a variety of individual hosts to send any type of IP packet to any 12*bc4097aaSchristos# other host. 13*bc4097aaSchristos# 14*bc4097aaSchristospass in from 10.1.3.1/32 to any 15*bc4097aaSchristospass in from 10.1.3.2/32 to any 16*bc4097aaSchristospass in from 10.1.3.3/32 to any 17*bc4097aaSchristospass in from 10.1.3.4/32 to any 18*bc4097aaSchristospass in from 10.1.3.5/32 to any 19*bc4097aaSchristospass in from 10.1.0.13/32 to any 20*bc4097aaSchristospass in from 10.1.1.1/32 to any 21*bc4097aaSchristospass in from 10.1.2.1/32 to any 22*bc4097aaSchristos# 23*bc4097aaSchristos# 24*bc4097aaSchristos# block all outbound packets. 25*bc4097aaSchristos# 26*bc4097aaSchristosblock out from any to any 27*bc4097aaSchristos# 28*bc4097aaSchristos# allow any packets destined for localhost out. 29*bc4097aaSchristos# 30*bc4097aaSchristospass out from any to 127.0.0.1/32 31*bc4097aaSchristos# 32*bc4097aaSchristos# allow any host to send any IP packet out to a limited number of hosts. 33*bc4097aaSchristos# 34*bc4097aaSchristospass out from any to 10.1.3.1/32 35*bc4097aaSchristospass out from any to 10.1.3.2/32 36*bc4097aaSchristospass out from any to 10.1.3.3/32 37*bc4097aaSchristospass out from any to 10.1.3.4/32 38*bc4097aaSchristospass out from any to 10.1.3.5/32 39*bc4097aaSchristospass out from any to 10.1.0.13/32 40*bc4097aaSchristospass out from any to 10.1.1.1/32 41*bc4097aaSchristospass out from any to 10.1.2.1/32 42