1b9daf172Sjmmvpass in on ed0 proto tcp from localhost to localhost port = telnet keep state 2b9daf172Sjmmvblock in log first on lo0 proto tcp/udp from any to any port = echo keep state 3b9daf172Sjmmvpass in proto udp from localhost to localhost port = 20499 keep frag 4b9daf172Sjmmvpass in proto udp from localhost to localhost port = 2049 keep frag(strict) 5b9daf172Sjmmvpass in proto udp from localhost to localhost port = 53 keep state keep frags 6b9daf172Sjmmvpass in on ed0 out-via vx0 proto udp from any to any keep state 7b9daf172Sjmmvpass out on ppp0 in-via le0 proto tcp from any to any keep state 8b9daf172Sjmmvpass in on ed0,vx0 out-via vx0,ed0 proto udp from any to any keep state 9b9daf172Sjmmvpass in proto tcp from any port gt 1024 to localhost port eq 1024 keep state 10b9daf172Sjmmvpass in proto tcp all flags S keep state(strict,newisn,no-icmp-err,limit 101,age 600) 11*22ab6602Schristospass in proto tcp all flags S keep state(loose,newisn,no-icmp-err,limit 101,age 600) 12b9daf172Sjmmvpass in proto udp all keep state(age 10/20,sync) 13