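# pf.conf - default-deny host ruleset: drop and log everything, then allow
# loopback, outbound TCP/UDP/ICMP sourced from this host, and ICMPv6.
#
# Required order: options, normalization, queueing, translation, filtering.
# Macros and tables may be defined and used anywhere.
# Note that translation rules are first match while filter rules are last
# match. A filter rule marked "quick" ends evaluation as soon as it matches,
# so the two block rules below only decide packets that no later rule passes.

# CHANGE to your network interface card!!!
ext_if="fxp0"

# Block everything by default and log what is dropped.
block in log all
block out log all

# Allow everything for loopback.
pass in quick on lo0 all
pass out quick on lo0 all

# Allow all outgoing packets sourced from this host's addresses.
# ($ext_if) in parentheses makes pf track the interface's current addresses,
# so the rules stay valid when the address changes (for example on a DHCP
# renewal) instead of being fixed to the addresses present at load time.
pass out quick proto tcp from ($ext_if) to any keep state
pass out quick proto udp from ($ext_if) to any keep state
pass out quick inet proto icmp from ($ext_if) to any keep state

# ICMPv6 carries neighbour discovery, so IPv6 connectivity depends on it.
# inet6 pins these rules to IPv6 traffic. The inbound rule accepts every
# ICMPv6 type from any source; narrow it with icmp6-type if the host needs
# less than that.
pass out quick inet6 proto ipv6-icmp from any to any keep state
pass in quick inet6 proto ipv6-icmp from any to any

# Uncomment to allow inbound SSH. As written it accepts connections from any
# source address; replace "any" with a trusted address or table where
# possible. The rule is bound to $ext_if and keeps state, matching the
# outbound rules above.
#pass in quick on $ext_if proto tcp from any to ($ext_if) port = 22 flags S/SA keep state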