# For use with IPFW

#add 00001 allow ip from any to any

add 00100 skipto 9999 tcp from any to any established
#add 00110 skipto 9999 tcp from any to any 22 in setup # Allow SSH
#add 00120 skipto 9999 tcp from any to any 80 in setup # Allow Web
#add 00130 skipto 9999 tcp from any to any 50000-50020 in setup # Used for DCC

add 00300 allow ip from any to any via lo0
add 00310 allow ip from any to any via vr1

# Reject private address space.
#add 00500 deny log ip from 192.168.0.1/16 to 192.168.0.0/24 via vr0
#add 00510 deny log ip from 192.168.0.0/24 to 192.168.0.1/16 via vr0
add 00520 deny log ip from 172.16.0.0/12 to any via vr0
add 00530 deny log ip from any to 172.16.0.0/12 via vr0
add 00540 deny log ip from 10.0.0.0/8 to any via vr0
add 00550 deny log ip from any to 10.0.0.0/8 via vr0

add 00600 skipto 9999 tcp from 192.168.0.0/24 to any
add 00610 skipto 9999 udp from 192.168.0.0/24 to any
add 00620 skipto 9999 udp from any to 192.168.0.0/24
add 00620 skipto 9999 udp from any to any in recv vr0
add 00630 skipto 9999 ip from any to any out via vr0
add 00640 skipto 9999 icmp from any to any

add 09000 deny log tcp from any to any
add 09010 deny log udp from any to any

add 10000 divert natd all from any to any via vr0
add 10010 pass all from any to any