xref: /freebsd/sbin/pfctl/tests/files/pf0007.in (revision 4d7709dd) 
14d7709ddSKristof Provost# test modulate state
24d7709ddSKristof Provost
34d7709ddSKristof Provostblock	       out log on tun1000000		 all
44d7709ddSKristof Provostblock	       in  log on tun1000000		 all
54d7709ddSKristof Provost
64d7709ddSKristof Provostblock return-rst  out log on tun1000000 proto tcp all
74d7709ddSKristof Provostblock return-rst  in  log on tun1000000 proto tcp all
84d7709ddSKristof Provostblock return-icmp out log on tun1000000 proto udp all
94d7709ddSKristof Provostblock return-icmp in  log on tun1000000 proto udp all
104d7709ddSKristof Provost
114d7709ddSKristof Provostblock out log quick on tun1000000 from ! 157.161.48.183 to any
124d7709ddSKristof Provost
134d7709ddSKristof Provostblock in quick on tun1000000 from any to 255.255.255.255
144d7709ddSKristof Provost
154d7709ddSKristof Provostblock in log quick on tun1000000 from 10.0.0.0/8		to any
164d7709ddSKristof Provostblock in log quick on tun1000000 from 172.16.0.0/12	to any
174d7709ddSKristof Provostblock in log quick on tun1000000 from 192.168.0.0/16	to any
184d7709ddSKristof Provostblock in log quick on tun1000000 from 255.255.255.255/32 to any
194d7709ddSKristof Provost
204d7709ddSKristof Provostpass out on tun1000000 inet proto icmp all icmp-type 8 code 0 keep state
214d7709ddSKristof Provostpass in  on tun1000000 inet proto icmp all icmp-type 8 code 0 keep state
224d7709ddSKristof Provost
234d7709ddSKristof Provostpass out on tun1000000 proto udp all keep state
244d7709ddSKristof Provost
254d7709ddSKristof Provostpass in on tun1000000 proto udp from any to any port = domain keep state
264d7709ddSKristof Provost
274d7709ddSKristof Provostpass out on tun1000000 proto tcp all modulate state
284d7709ddSKristof Provostpass in on tun1000000 proto { tcp udp icmp } all modulate state
294d7709ddSKristof Provostpass in on tun1000000 proto { udp tcp icmp } all flags S/SA synproxy state
304d7709ddSKristof Provost
314d7709ddSKristof Provostpass in on tun1000000 proto tcp from any to any port = ssh    modulate state
324d7709ddSKristof Provostpass in on tun1000000 proto tcp from any to any port = smtp   modulate state
334d7709ddSKristof Provostpass in on tun1000000 proto tcp from any to any port = domain modulate state
344d7709ddSKristof Provostpass in on tun1000000 proto tcp from any to any port = auth   modulate state
35