1*bc4097aaSchristos# $NetBSD: example.7,v 1.1.1.1 2012/03/23 21:20:15 christos Exp $ 2*bc4097aaSchristos# block all ICMP packets. 3*bc4097aaSchristos# 4*bc4097aaSchristosblock in proto icmp all 5*bc4097aaSchristos# 6*bc4097aaSchristos# allow in ICMP echos and echo-replies. 7*bc4097aaSchristos# 8*bc4097aaSchristospass in on le1 proto icmp from any to any icmp-type echo 9*bc4097aaSchristospass in on le1 proto icmp from any to any icmp-type echorep 10*bc4097aaSchristos# 11*bc4097aaSchristos# block all ICMP destination unreachable packets which are port-unreachables 12*bc4097aaSchristos# 13*bc4097aaSchristosblock in on le1 proto icmp from any to any icmp-type unreach code 3 14