Annotation of src/share/ipf/example.16, Revision 1.1
1.1 ! dm 1: #
! 2: # Only allow TCP packets in/out of le0 if there is an outgoing connection setup
! 3: # somewhere, waiting for it.
! 4: #
! 5: pass out quick on le0 proto tcp from any to any flags S/SAFR keep state
! 6: block out on le0 proto tcp all
! 7: block in on le0 proto tcp all
! 8: #
! 9: # allow nameserver queries and replies to pass through, but no other UDP
! 10: #
! 11: pass out quick on le0 proto udp from any to any port = 53 keep state
! 12: block out on le0 proto udp all
! 13: block in on le0 proto udp all
![[BACK]](/icons/back.gif){kind=icon}
Return to example.16 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / share / ipf