pass in proto tcp/udp all
pass out quick on lo0
pass in quick on lo0

# Stateless pass for TCP segments that carry ACK (established traffic) and for RST
pass in quick proto tcp from any to any flags A
pass in quick proto tcp from any to any flags AP
pass in quick proto tcp from any to any flags AFP
pass in quick proto tcp from any to any flags AF
pass in quick proto tcp from any to any flags AS
pass in quick proto tcp from any to any flags AR
pass in log quick proto tcp from any to any flags R

# Inbound services on ed0 (SYN only): 25 SMTP, 53 DNS, 80 HTTP, 113 ident; 23 telnet and 21 FTP from one host
pass in log quick on ed0 proto tcp from any to any port = 25 flags S
pass in log quick on ed0 proto tcp from any to any port = 53 flags S
pass in log quick on ed0 proto tcp from any to any port = 80 flags S
pass in log quick on ed0 proto tcp from any to any port = 113 flags S
pass in log quick on ed0 proto tcp from 216.232.96.209/32 to any port = 23 flags S
pass in log quick on ed0 proto tcp from 216.232.96.209/32 to any port = 21 flags S
pass in log quick on ed0 proto udp from any to any port = 53

# ICMP type 0 is echo reply, type 11 is time exceeded
pass in quick on all proto icmp from any to any icmp-type 0
pass in quick on all proto icmp from any to any icmp-type 11

block in quick on ed0 all from 24.0.94.130/32 to any
block in quick on ed0 proto udp from 24.0.94.130/32 to any port = 119
block in log quick all with frag
block in log quick proto icmp from any to any icmp-type redir
block in proto tcp all with short
block in proto udp all with short
block in log quick proto tcp/udp from any to any port = sunrpc
block in quick on ed0 from any to any port = 3306
block in log on ed0 proto tcp/udp from any to any port = 2049
#block in proto tcp/udp from any to any port = 2049
block in log quick on ed0 proto tcp from any to any flags S
block in proto tcp/udp from any to any port 511 >< 516
block in log all with ipopts

#no smurf relaying here :)
block in log quick on all from any to 24.2.17.0/32
block in log quick on all from any to 24.2.17.255/32
block in quick on ed0 from 24.2.17.0/24 to any
block in quick on ed0 from 127.0.0.0/8 to any
block in quick on ed0 from 0.0.0.0/32 to any

#keep @home from seeing my httpd
#block in quick proto tcp/udp from 24.0.0.0/8 to any port = 80
block in quick proto tcp/udp from 24.2.15.15/32 to any port = 80
block in quick proto tcp/udp from 216.63.37.122 to any
block in quick proto tcp/udp from 24.200.84.234/32 to any
#block in quick proto tcp/udp from 24.2.15.15/32 port = 53 to any
#block in quick proto tcp/udp from 202.0.0.0/8 to any port = 80
#block in quick proto tcp/udp from 209.0.0.0/8 to any port = 80

block in log quick proto tcp/udp from any to any port 5990 >< 6025
block in log quick on ed0 proto tcp/udp from any port = 8080 to any
block in log quick on ed0 proto tcp/udp from any port = 3128 to any
block in log quick on ed0 proto tcp/udp from any port = 80 to any
block in log quick on ed0 all with opt lsrr
block in log quick on ed0 all with opt ssrr
block in log quick on ed0 from any to any with short frag
block in log quick on ed0 proto icmp from any to any icmp-type unreach code 3

#block return-icmp-as-dest(port-unr) in log on ne3 proto tcp/udp from any to 24.2.17.123 port 511 >< 516
#block return-icmp-as-dest(port-unr) in log on ne3 proto tcp/udp from any to 24.2.17.123 port = 113
#block return-icmp-as-dest(port-unr) in log on ne3 proto tcp/udp from any to 24.2.17.123 port 5990 >< 6025
#block return-icmp-as-dest(port-unr) in ne3 proto tcp/udp from any to any port = 53
block return-icmp-as-dest(port-unr) in log proto udp from any to any port = 12345
block return-icmp-as-dest(port-unr) in log proto udp from any to any port = 31337
block return-icmp-as-dest(port-unr) in log proto udp from any to any port = 68
block return-icmp-as-dest(port-unr) in log proto udp from any to any port = 512
block return-icmp-as-dest(port-unr) in log proto udp from any to any port = 139
block return-icmp-as-dest(port-unr) in log proto udp from any to any port = 514
block return-icmp-as-dest(port-unr) in log proto udp from any to any port = 2049
block return-icmp-as-dest(port-unr) in log proto udp from any to any port = 2121
block return-icmp-as-dest(port-unr) in log on all from any to any port = 210
#block return-icmp-as-dest(port-unr) in log from any to any with short frag
#block return-icmp-as-dest in log on ed0 proto tcp/udp from any to any
block return-icmp-as-dest(port-unr) in log quick on ed0 proto icmp from any to any

###### block all ICMP destination unreachable packets which are port-unreachables
block in on ed0 proto icmp from any to any icmp-type unreach code 3

# block return-rst in quick proto tcp from any to any port = 113 flags S/SA
############# no-identd
# block in log quick on all proto icmp from any to any
block in log quick on ed0 proto udp from any to any