pf68.ok revision 1.3
1scrub proto tcp all fragment reassemble 2scrub proto tcp all fragment reassemble 3scrub proto tcp all fragment reassemble 4scrub in proto tcp all fragment reassemble 5scrub in proto tcp all fragment reassemble 6scrub in proto tcp all fragment crop 7scrub in proto tcp all fragment drop-ovl 8scrub in proto tcp all fragment reassemble 9scrub in proto tcp from <regress.1> to any fragment reassemble 10scrub in proto tcp from ! <regress.2> to any fragment reassemble 11scrub in inet proto tcp from 10.0.0.1 to 10.0.0.3 fragment reassemble 12scrub in inet proto tcp from 10.0.0.1 to 10.0.0.4 fragment reassemble 13scrub in inet proto tcp from 10.0.0.2 to 10.0.0.3 fragment reassemble 14scrub in inet proto tcp from 10.0.0.2 to 10.0.0.4 fragment reassemble 15scrub in log on lo0 proto tcp all min-ttl 25 fragment reassemble 16scrub in log on lo0 inet6 proto tcp from (lo1000000) to 2000::1 fragment reassemble 17scrub in log on lo0 inet6 proto tcp from (lo0) to 2000::1 fragment reassemble 18scrub in log on lo0 proto tcp all fragment reassemble 19scrub in log on lo1000000 proto tcp all fragment reassemble 20scrub in on lo0 proto tcp all fragment reassemble 21scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment reassemble 22scrub in on lo0 proto tcp all max-mss 224 fragment reassemble 23scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment reassemble 24scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment drop-ovl 25scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment reassemble 26scrub in on lo0 proto tcp all no-df fragment reassemble 27scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment crop 28scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment reassemble 29scrub in on lo0 inet proto tcp from (lo0) to any fragment reassemble 30scrub on lo0 proto tcp all max-mss 224 fragment reassemble 31scrub out proto tcp all fragment reassemble 32scrub out proto tcp from any to ! <regress.1> fragment reassemble 33scrub out proto tcp from any to <regress.2> fragment reassemble 34scrub out log on lo1000000 inet proto tcp from any to 10.0.0.1 no-df max-mss 224 fragment reassemble 35scrub proto tcp all random-id fragment reassemble 36scrub proto tcp from any to any port = www fragment reassemble 37scrub in proto tcp from <regress.1> to any port = www fragment reassemble 38scrub in proto tcp from ! <regress.2> to any port = www fragment reassemble 39scrub in inet proto tcp from 10.0.0.1 to 10.0.0.3 port = www fragment reassemble 40scrub in inet proto tcp from 10.0.0.1 to 10.0.0.4 port = www fragment reassemble 41scrub in inet proto tcp from 10.0.0.2 to 10.0.0.3 port = www fragment reassemble 42scrub in inet proto tcp from 10.0.0.2 to 10.0.0.4 port = www fragment reassemble 43scrub in log on lo0 proto tcp from any to any port = www min-ttl 25 fragment reassemble 44scrub in log on lo0 inet6 proto tcp from (lo1000000) port = www to 2000::1 fragment reassemble 45scrub in log on lo0 inet6 proto tcp from (lo0) port = www to 2000::1 fragment reassemble 46scrub in log on lo0 proto tcp from any port = www to any fragment reassemble 47scrub in log on lo1000000 proto tcp from any port = www to any fragment reassemble 48scrub in on lo0 proto tcp from any port = www to any no-df min-ttl 15 max-mss 224 fragment reassemble 49scrub in on lo0 proto tcp from any port = 81 to any no-df min-ttl 15 max-mss 224 fragment reassemble 50scrub in on lo0 proto tcp from any to any port = www max-mss 224 fragment reassemble 51scrub in on lo0 proto tcp from any port = www to any no-df min-ttl 15 max-mss 224 fragment reassemble 52scrub in on lo0 proto tcp from any port = www to any no-df min-ttl 15 max-mss 224 fragment drop-ovl 53scrub in on lo0 proto tcp from any to any port = www no-df min-ttl 15 max-mss 224 fragment reassemble 54scrub in on lo0 proto tcp from any to any port = 81 no-df min-ttl 15 max-mss 224 fragment reassemble 55scrub in on lo0 proto tcp from any to any port = 82 no-df min-ttl 15 max-mss 224 fragment reassemble 56scrub in on lo0 proto tcp from any port = www to any port = www no-df fragment reassemble 57scrub in on lo0 proto tcp from any port = www to any port = www no-df min-ttl 15 max-mss 224 fragment crop 58scrub in on lo0 proto tcp from any port = www to any port = 81 no-df min-ttl 15 max-mss 224 fragment crop 59scrub in on lo0 proto tcp from any port = 81 to any port = www no-df min-ttl 15 max-mss 224 fragment crop 60scrub in on lo0 proto tcp from any port = 81 to any port = 81 no-df min-ttl 15 max-mss 224 fragment crop 61scrub in on lo0 proto tcp from any to any port = 83 no-df min-ttl 15 max-mss 224 fragment reassemble 62scrub in on lo0 inet proto tcp from (lo0) port = www to any fragment reassemble 63scrub on lo0 proto tcp from any to any port = www max-mss 224 fragment reassemble 64scrub out proto tcp from any to ! <regress.1> port = www fragment reassemble 65scrub out proto tcp from any to <regress.2> port = www fragment reassemble 66scrub out log on lo1000000 inet proto tcp from any to 10.0.0.1 port = www no-df max-mss 224 fragment reassemble 67