#----------------------------------------------------------------
# Allow everything to/from your loopback interface so you
# can ping yourself (e.g. ping localhost)
#----------------------------------------------------------------
pass in quick on lo0 all
pass out quick on lo0 all

################################################################
#################################################################
# Inside Interface
#################################################################

#----------------------------------------------------------------
# Allow out all TCP, UDP, and ICMP traffic & keep state
#----------------------------------------------------------------
pass out quick on em1 all head 1
pass out quick on em1 proto tcp from any to any keep state group 1
pass out quick on em1 proto udp from any to any keep state group 1
pass out quick on em1 proto icmp from any to any keep state group 1
block out quick on em1 all group 1

#----------------------------------------------------------------
# Allow in all TCP, UDP, and ICMP traffic & keep state
#----------------------------------------------------------------
pass in quick on em1 all head 2