Bridged IPF Config Example Cont.
Kyle Amon,  Page 16
/etc/ipf.rules continued

  #====================================================================.
  # External Interface                                                 |
  #====================================================================+

  #--------------------------------------------------------------------.
  # Allow named queries from firewall to anywhere                      |
  #--------------------------------------------------------------------+

  pass in quick on rl0 proto udp from any port = domain to ifopen port = domain keep state

  #--------------------------------------------------------------------.
  # Allow SMTP connections from firewall to anywhere                   |
  #--------------------------------------------------------------------+

  pass in quick on rl0 proto tcp from any port = smtp to ifopen flags SA keep state

  #--------------------------------------------------------------------.
  # Allow pinging from firewall to anywhere                            |
  #--------------------------------------------------------------------+

  pass in quick on rl0 proto icmp from any to ifopen icmp-type echorep

  #--------------------------------------------------------------------.
  # Allow traceroute from firewall to anywhere                         |
  #--------------------------------------------------------------------+

  pass in quick on rl0 proto icmp from ifopen to any icmp-type timex
  pass in quick on rl0 proto icmp from ifopen to any icmp-type unreach code port-unr

  #--------------------------------------------------------------------.
  # Allow SSH connections from firewall to anywhere                    |
  #--------------------------------------------------------------------+

  pass in quick on rl0 proto tcp from any port = ssh to ifopen flags SA keep state