# /etc/ipfw.conf
#
# Stateless ipfw ruleset for the 209.157.86.0/26 network.
# ipfw evaluates rules in ascending rule-number order and the first matching
# allow/deny/reset/unreach rule decides the packet's fate, so the numbering
# below is significant. No rule carries an `in`/`out` keyword, and only rule
# 00010 (plus the disabled 00030) names an interface, so every other rule
# applies to traffic in both directions on every interface.
# NOTE(review): presumably loaded as an ipfw rule file at boot -- confirm
# against the rc configuration.

#
# allow local nets, dialup specials
#
# Loopback traffic between 127.0.0.1 and itself on lo0.
# NOTE(review): no rule rejects 127.0.0.0/8 addresses seen on other
# interfaces; consider an explicit deny for them right after this rule.
add 00010 allow all from 127.0.0.1 to 127.0.0.1 via lo0
# Traffic between hosts of the local /26.
add 00020 allow ip from 209.157.86.0/26 to 209.157.86.0/26
# Disabled: would pass everything crossing the SLIP interface sl0.
#add 00030 allow ip from any to any via sl0

# Allow all outgoing
#
# Matches on source address only (no `out`, no interface).
# NOTE(review): rules 00020 and 00040 trust the source address alone, so a
# packet arriving on the outside interface with a forged 209.157.86.0/26
# source is accepted before any of the filters below are consulted. If this
# host has an external interface, an anti-spoofing deny bound to it belongs
# ahead of rule 00020, e.g. (placeholder interface name, disabled):
#   #add 00015 deny log ip from 209.157.86.0/26 to any in via <EXT_IF>
add 00040 allow all from 209.157.86.0/26 to any

# incoming TCP
#
# `established` matches segments with ACK or RST set; it checks flags only and
# does not track connections, so it also passes unsolicited ACK/RST segments.
# NOTE(review): if the ipfw version in use supports `check-state` /
# `keep-state`, stateful rules would close that gap.
add 01000 allow tcp from any to any established
# New connections to the listed service ports, from any source to any host.
# NOTE(review): confirm each service is still meant to be reachable from
# anywhere -- finger and ntalk disclose user information, and TCP `domain`
# admits zone-transfer attempts unless the name server restricts them itself.
add 01010 allow tcp from any to any ssh,smtp,domain,finger,ntalk,http,auth,kerberos
# Every other TCP packet is answered with a RST and logged.
add 01020 reset log tcp from any to any

# incoming UDP
#
# NOTE(review): the 4000-65535 range presumably exists to admit replies to
# outbound UDP queries, since the ruleset keeps no state -- confirm. As
# written, any UDP service bound to a port in that range is reachable from
# any source.
add 02000 allow udp from any to any 4000-65535,domain,ntp,kerberos,ntalk
# Every other UDP packet is answered with ICMP unreachable (filter-prohib)
# and logged.
add 02010 unreach filter-prohib log udp from any to any

# incoming ICMP
#
# All ICMP types are accepted.
# NOTE(review): consider narrowing this with `icmptypes` to the types that
# are actually needed (echo, unreachable, time-exceeded, ...).
add 03000 allow icmp from any to any

# Deny the rest and log
#
# Catches whatever is left: protocols other than TCP, UDP and ICMP that were
# not already allowed by rules 00010-00040. Being explicit here keeps the
# policy independent of the kernel's built-in default rule 65535.
# NOTE(review): rules 01020, 02010 and 65534 log every match; check that a
# log limit (net.inet.ip.fw.verbose_limit, or per-rule `logamount` where
# supported) is set so a packet flood cannot fill the log volume.
add 65534 deny log all from any to any