#
#
#
#
match { logtag = 10000 }
	do { execute "/usr/bin/mail -s 'logtag 10000' root" };
match { logtag = 2000, every 10 seconds }
	do { execute "echo 'XXXXXXXX tag 2000 packet XXXXXXXX'" };
#
match { protocol = udp, result = block }
	do { execute "/usr/bin/mail -s 'blocked udp' root"
};
#
match {
	srcip = 10.1.0.0/16, dstip = 192.168.1.0/24 }
	do { execute "/usr/bin/mail -s 'from 10.1 to 192.168.1' root"
};
#
match {
	rule = 12, logtag = 101, direction = in, result = block,
	protocol = udp, srcip = 10.1.0.0/16, dstip = 192.168.1.0/24 }
	do { execute "run shell command"
};
#