1 pass in inet from 127.0.0.1/32 to 127.0.0.1/32 with short,frag 2 block in from any to any with ipopts 3 pass in inet from any to any with opt nop,rr,zsu 4 pass in inet from any to any with opt nop,rr,zsu not opt lsrr,ssrr 5 pass in inet from 127.0.0.1/32 to 127.0.0.1/32 with not frag 6 pass in inet from 127.0.0.1/32 to 127.0.0.1/32 with frag,frag-body 7 pass in proto tcp from any to any flags S/FSRPAU with not oow keep state # count 0 8 block in proto tcp from any to any with oow 9 pass in proto tcp from any to any flags S/FSRPAU with not bad,bad-src,bad-nat 10 block in proto tcp from any to any flags S/FSRPAU with bad,not bad-src,not bad-nat 11 pass in quick from any to any with not short 12 block in quick from any to any with not nat 13 pass in quick from any to any with not frag-body 14 block in quick from any to any with not lowttl 15 pass in from any to any with not ipopts,mbcast,not bcast,mcast,not state 16 block in from any to any with not mbcast,bcast,not mcast,state 17 pass in inet from any to any with opt mtup,mtur,encode,ts,tr,sec,e-sec,cipso,satid,ssrr,addext,visa,imitd,eip,finn,dps,sdb,nsapa,rtralrt,ump 18
Indexes created Mon Sep 29 21:09:56 GMT 2025