log in proto tcp from any port > 0 to any log in proto tcp from any to any port > 0 pass in proto tcp from any port != 0 to any port 0 >< 65535 pass in inet proto udp from 127.0.0.1/32 port > 32000 to 127.0.0.1/32 port < 29000 block in proto udp from any port != 123 to any port < 7 block in proto tcp from any port = 25 to any port > 25 pass in proto tcp/udp from any port 1 >< 3 to any port 1 <> 3 pass in proto tcp/udp from any port 2:2 to any port 10:20 pass in log first quick proto tcp from any port > 1023 to any port = 1723 flags S/FSRPAU keep state # count 0 |