summaryrefslogtreecommitdiff
path: root/share/ipf/example.10
blob: 560d1e670f61d9a4b7dff5a3569b3052a3c49e06 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
#
# pass ack packets (ie established connection)
#
pass in proto tcp from 10.1.0.0/16 port = 23 to 10.2.0.0/16 flags A/A
pass out proto tcp from 10.1.0.0/16 port = 23 to 10.2.0.0/16 flags A/A
#
# block incoming connection requests to my internal network from the big bad
# internet.
#
block in on le0 proto tcp from any to 10.1.0.0/16 flags S/SA
#  to block the replies:
block out on le0 proto tcp from 10.1.0.0 to any flags SA/SA