1*0Sstevel@tonic-gate# 2*0Sstevel@tonic-gate# drop all packets without IP security options 3*0Sstevel@tonic-gate# 4*0Sstevel@tonic-gateblock in all 5*0Sstevel@tonic-gatepass in all with opt sec 6*0Sstevel@tonic-gate# 7*0Sstevel@tonic-gate# only allow packets in and out on le1 which are top secret 8*0Sstevel@tonic-gate# 9*0Sstevel@tonic-gateblock out on le1 all 10*0Sstevel@tonic-gatepass out on le1 all with opt sec-class topsecret 11*0Sstevel@tonic-gateblock in on le1 all 12*0Sstevel@tonic-gatepass in on le1 all with opt sec-class topsecret 13