macro0 = "bge0" macro1 = "vlan20" macro2 = "vlan950" macro3 = "vlan952" macro4 = "vlan120" macro5 = "vlan3050" macro6 = "vlan953" macro7 = "em2" macro8 = "tag auth_packet keep state" macro9 = "{250.140.33.188/32 228.110.21.251/32}" macro10 = "95.159.52.90/31" macro11 = "217.91.107.99/30" macro12 = "231.246.188.12/28" macro13 = "196.93.41.102/28" macro14 = "184.175.234.16/28" macro15 = "226.8.108.114/29" macro16 = "240.15.253.37/28" macro17 = "176.91.118.127/32" macro18 = "40.16.106.81/32" macro19 = "230.63.118.132/31" macro20 = "143.134.66.74/23 26.92.228.40/27 192.222.145.130/26 59.232.248.191/29 85.24.42.119/27" macro21 = "93.134.130.112/24 216.200.156.44/24 1.35.124.80/24" macro22 = "100.29.10.120/28" macro23 = "50.179.212.43/31" macro24 = "138.115.50.45/25" macro25 = "130.67.73.147/32" macro26 = "211.12.73.216/32" macro27 = "180.20.150.227/32" macro28 = "14.87.44.97/31" macro29 = "114.208.247.201/32" macro30 = "61.1.18.134/31" macro31 = "21.183.179.14/31 203.82.30.201/32" macro32 = "211.86.87.84/31 213.189.19.66/32" macro33 = "34.245.132.161/31 44.125.13.77/31" macro34 = "65.41.72.189/31" macro35 = "186.201.69.24/31" macro36 = "34.224.135.113/31" macro37 = "100.17.210.151/30 214.109.123.19/30" macro38 = "116.151.230.134/31" macro39 = "209.72.34.234/31" macro40 = "235.93.16.185/31" macro41 = "244.8.42.59/31" macro42 = "193.224.38.29/32" macro43 = "99.8.51.26/31" macro44 = "66.29.183.134/32 150.63.56.113/32" macro45 = "44.154.46.155/32 222.140.110.21/32" macro46 = "59.179.153.211/32 14.56.102.247/32 8.43.135.243/32" macro47 = "62.212.216.45/32 239.27.111.22/32 62.153.114.176/32" macro48 = "209.206.11.177/32" macro49 = "30.99.214.136/32" macro50 = "16.135.74.8/32" macro51 = "185.248.72.52/32" macro52 = "25.81.206.151/32" macro53 = "240.216.159.7/32 64.16.112.78/32 90.223.184.134/32 84.135.208.148/32 243.50.24.142/32" macro54 = "153.224.12.70/26" macro55 = "52.145.69.151/32" macro56 = "105.43.70.76/32" macro57 = "104.224.81.38/32" macro58 = "167.194.50.114/32" macro59 = "2.216.249.31/32" macro60 = "185.15.206.210/32" macro61 = "198.57.61.122/32 87.254.25.52/32" macro62 = "96.127.105.132/32" macro63 = "236.198.251.99/32 236.241.87.179/32 183.230.157.203/32 126.79.61.227/32 235.49.227.46/32 " macro64 = "132.157.61.176/32" macro65 = "149.142.95.190/32" macro66 = "25.165.250.103/32 173.147.174.126/32" macro67 = "30.122.151.34/32 55.127.22.43/32" macro68 = "226.3.217.115/32" macro69 = "196.37.95.215/32 187.223.176.0/32 208.101.224.160/32" macro70 = "177.30.227.121/32" macro71 = "234.53.66.217/32" macro72 = "203.53.168.103/32" macro73 = "110.13.193.139/32 23.105.168.82/32" macro74 = "218.95.180.240/31 203.69.40.215/32 122.53.119.72/32" macro75 = "49.14.77.133/32 64.105.73.46/32" macro76 = "27.59.233.80/32" macro77 = "11.243.111.98/32 225.195.178.219/32" macro78 = "155.186.111.216/32" macro79 = "168.184.159.215/32 167.203.132.170/32" macro80 = "189.22.2.29/32" macro81 = "76.152.23.133/32 138.198.239.101/32" macro82 = "49.167.181.18/32 87.251.222.225/32 41.136.6.194/32" macro83 = "177.143.144.53/27 29.76.25.127/25" macro84 = "190.200.5.202/27" macro85 = "94.136.220.175/23 62.38.212.246/23" macro86 = "44.21.181.14/23 78.224.25.145/23" macro87 = "115.3.232.17/32" macro88 = "vlan200" macro89 = "36.202.24.123/28" macro90 = "73.233.251.103/30 53.190.235.191/29 169.169.87.171/28" macro91 = "vlan201" macro92 = "49.102.227.178/28" macro93 = "73.212.18.37/30 61.41.125.4/29 37.155.101.0/29" macro94 = "vlan202" macro95 = "155.68.198.41/28" macro96 = "158.167.40.117/30 200.176.118.111/29 128.135.138.172/29" macro97 = "170.38.34.95/31" macro98 = "83.144.141.107/31" macro99 = "vlan220" macro100 = "16.201.244.17/26" macro101 = "201.172.218.21/30 40.78.131.157/29 206.146.50.169/28 7.39.215.183/27 10.224.5.22/28 151.28.51.39/28 55.56.216.96/32 122.29.220.217/28 192.15.179.214/28 127.67.20.230/27 119.6.29.204/29 91.58.80.234/29 13.210.54.16/27 " macro102 = "45.211.24.2/30 70.112.16.169/29 50.93.30.137/30" macro103 = "107.13.176.80/30 189.134.182.228/29 161.104.27.61/29" macro104 = "58.230.113.103/30" macro105 = "47.180.75.25/32 104.18.82.181/32" macro106 = "167.191.94.5/31 166.236.75.207/31" macro107 = "47.51.0.218/32 60.117.102.71/32" macro108 = "vlan221" macro109 = "187.237.189.28/27" macro110 = "0.108.169.27/30 71.9.32.42/29 221.116.225.240/28 103.5.86.221/28 173.243.55.149/27 171.142.160.182/28" macro111 = "249.203.47.229/30 99.216.14.107/29 9.66.140.132/30" macro112 = "vlan222" macro113 = "41.22.186.220/27" macro114 = "98.186.151.251/30 172.166.113.10/29 161.200.137.106/28 197.187.147.224/29 36.248.44.236/29 165.192.24.140/29 122.27.80.170/29 125.157.205.29/29 4.65.82.135/29 148.10.64.51/29 118.174.207.42/29 " macro115 = "233.98.89.192/32 39.227.153.102/31 22.80.94.180/29" macro116 = "62.124.17.149/31" macro117 = "31.50.209.229/31 221.49.139.14/32 " macro118 = "52.193.197.105/32" macro119 = "68.99.140.94/32 28.143.65.20/31 " macro120 = "217.157.131.154/32" macro121 = "87.16.187.187/32" macro122 = "191.97.79.176/32" macro123 = "120.180.37.130/31 58.225.205.84/32" macro124 = "vlan230" macro125 = "58.10.128.90/27" macro126 = "196.251.191.209/30 75.106.249.164/29 62.144.153.207/28 128.172.52.218/28 204.116.39.186/27 " macro127 = "vlan231" macro128 = "103.108.184.219/26" macro129 = "142.223.126.127/30 189.253.158.181/29 74.153.115.229/28 103.214.252.80/27 90.143.151.212/26" macro130 = "vlan232" macro131 = "233.56.49.216/29" macro132 = "56.89.198.152/30" macro133 = "43.65.207.82/32 206.54.134.70/29" macro134 = "vlan240" macro135 = "169.11.226.57/26" macro136 = "163.101.191.27/30 191.105.62.204/29 155.100.206.243/28 219.249.169.23/27 172.130.164.179/28 207.156.67.149/28 137.91.96.180/27 83.46.179.229/29" macro137 = "126.99.203.83/30 31.74.169.187/29" macro138 = "88.74.76.183/29 172.50.182.10/29" macro139 = "53.29.239.68/32" macro140 = "vlan250" macro141 = "163.99.220.17/27" macro142 = "105.84.240.23/30 177.108.216.219/29 183.151.78.78/28 59.113.240.141/28 233.211.24.5/29 179.100.29.159/29" macro143 = "247.141.188.30/31 47.147.53.91/31" macro144 = "vlan251" macro145 = "130.139.211.106/26" macro146 = "191.13.96.102/30 36.246.11.225/29 215.193.38.156/28 202.205.28.25/27 177.168.54.8/29 173.249.111.112/29 52.6.163.49/29 240.205.116.249/29 121.20.62.166/27 77.174.199.100/29 60.144.158.35/29" macro147 = "94.135.26.210/32 18.111.209.106/31" macro148 = "vlan260" macro149 = "68.103.231.0/28" macro150 = "51.207.189.117/30 86.10.134.133/29 8.130.8.109/29" macro151 = "162.56.74.210/30 100.254.167.112/29" macro152 = "vlan261" macro153 = "191.17.70.226/28" macro154 = "148.85.126.2/30 61.235.224.91/29 235.192.223.190/29" macro155 = "166.46.101.136/30" macro156 = "vlan299" macro157 = "144.208.104.193/27" macro158 = "161.191.196.54/30 130.193.133.230/29 41.237.2.72/28" table const { self } table persist file "/etc/pf/table1.def" table persist file "/etc/pf/table2.def" table persist file "/etc/pf/table3.def" table persist file "/etc/pf/table4.def" table persist file "/etc/pf/table5.def" table persist file "/etc/pf/table6.def" table persist file "/etc/pf/table7.def" table persist file "/etc/pf/table8.def" table persist file "/etc/pf/table9.def" table persist file "/etc/pf/table10.def" table persist file "/etc/pf/table11.def" table persist file "/etc/pf/table12.def" table persist file "/etc/pf/table13.def" table persist file "/etc/pf/table14.def" table persist file "/etc/pf/table15.def" table persist file "/etc/pf/table16.def" table persist file "/etc/pf/table17.def" table persist file "/etc/pf/table18.def" table persist file "/etc/pf/table19.def" table persist file "/etc/pf/table20.def" table persist file "/etc/pf/table21.def" table persist file "/etc/pf/table22.def" table persist file "/etc/pf/table23.def" table persist file "/etc/pf/table24.def" table persist file "/etc/pf/table25.def" table persist file "/etc/pf/table26.def" table persist file "/etc/pf/table27.def" table persist file "/etc/pf/table28.def" table persist file "/etc/pf/table29.def" table persist file "/etc/pf/table30.def" table persist file "/etc/pf/table31.def" table persist file "/etc/pf/table32.def" table persist file "/etc/pf/table33.def" table persist file "/etc/pf/table34.def" table persist file "/etc/pf/table35.def" table persist file "/etc/pf/table36.def" table persist file "/etc/pf/table37.def" table persist file "/etc/pf/table38.def" table persist file "/etc/pf/table39.def" table persist file "/etc/pf/table40.def" table persist file "/etc/pf/table41.def" table persist file "/etc/pf/table42.def" table persist file "/etc/pf/table43.def" table persist file "/etc/pf/table44.def" table persist file "/etc/pf/table45.def" table persist file "/etc/pf/table46.def" table persist file "/etc/pf/table47.def" table persist file "/etc/pf/table48.def" table persist file "/etc/pf/table49.def" table persist file "/etc/pf/table50.def" table persist file "/etc/pf/table51.def" table persist file "/etc/pf/table52.def" table persist file "/etc/pf/table53.def" table persist set block-policy drop set state-policy if-bound set skip on lo0 set optimization normal set timeout { interval 3, frag 3 } set timeout { tcp.first 120, tcp.opening 30, tcp.established 3600 } set timeout { tcp.closing 1, tcp.finwait 1, tcp.closed 1 } set timeout { udp.first 65, udp.single 35, udp.multiple 65 } set timeout { icmp.first 20, icmp.error 10 } set timeout { other.first 60, other.single 30, other.multiple 60 } set timeout { adaptive.start 0, adaptive.end 0 } set limit { frags 10000, states 1200000 } scrub out all random-id scrub all fragment reassemble altq on em1 cbq bandwidth 1Gb queue { std, syslog } queue std bandwidth 999Mb cbq(default) queue syslog bandwidth 1Mb qlimit 10000 pass out quick tagged auth_packet keep state pass out quick on $macro3 proto udp from {$macro9} to { } port syslog $macro8 queue syslog pass out quick on $macro3 proto udp from {$macro9} to $macro19 port ntp $macro8 pass in quick on $macro1 proto tcp from to {$macro9} port { ssh ftp } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from to {$macro9} port > 1023 flags S/SAFR $macro8 pass in quick on $macro1 proto udp from to {$macro9} port snmp $macro8 pass in quick on $macro1 proto icmp from to {$macro9} icmp-type echoreq $macro8 pass in quick on $macro5 proto tcp from to { $macro10 } port { ssh } flags S/SAFR $macro8 pass in quick on $macro5 proto udp from to { $macro10 } port snmp $macro8 pass in quick on $macro5 proto icmp from to { $macro10 } icmp-type echoreq $macro8 pass in quick on $macro0 proto tcp from to { $macro10 } port { ssh } flags S/SAFR $macro8 pass in quick on $macro0 proto udp from to { $macro10 } port snmp $macro8 pass in quick on $macro0 proto icmp from to { $macro10 } icmp-type echoreq $macro8 pass out quick proto tcp from { $macro10 } to $macro87 port { https } flags S/SAFR $macro8 pass in quick on $macro1 proto udp from to {$macro9} port snmp $macro8 pass in quick on $macro1 proto icmp from to {$macro9} icmp-type echoreq $macro8 pass in quick on $macro3 proto udp from to { $macro9 } port snmp $macro8 pass in quick on $macro3 proto icmp from to { $macro9 } icmp-type echoreq $macro8 pass in quick on $macro3 proto udp from to {$macro9} port snmp $macro8 pass in quick inet proto icmp from to icmp-type echoreq $macro8 pass in quick on $macro1 proto tcp from to {$macro9} port ssh flags S/SAFR $macro8 pass in quick on $macro3 proto tcp from to {$macro9} port ssh flags S/SAFR $macro8 pass out quick proto icmp from to { $macro12 $macro13 $macro16 $macro14 $macro20 $macro15 } icmp-type echoreq $macro8 (no-sync) pass in quick proto icmp from { $macro12 $macro13 $macro16 $macro14 $macro20 $macro15 } to icmp-type echoreq $macro8 (no-sync) pass quick on $macro7 proto pfsync keep state (no-sync) pass quick on { em0 em1 em3 } proto carp keep state (no-sync) block in quick log from any to pass in quick on $macro2 proto udp from $macro11 to port syslog $macro8 pass in quick on $macro2 proto udp from $macro11 to $macro19 port ntp $macro8 pass in quick on $macro2 proto tcp from $macro11 to port ftp flags S/SAFR $macro8 pass in quick on $macro2 proto tcp from $macro11 to port > 1023 flags S/SAFR $macro8 pass in quick on $macro3 proto tcp from to $macro11 port > 1023 flags S/SAFR $macro8 pass in quick on $macro3 proto udp from to { $macro11 } port snmp $macro8 pass in quick on $macro2 proto tcp from $macro11 to port tacacs flags S/SAFR $macro8 pass in quick on $macro3 proto udp from to { $macro11 } port snmp $macro8 pass in quick on $macro3 proto tcp from to { $macro11 } port telnet flags S/SAFR $macro8 pass in quick on $macro3 proto icmp from to { $macro11 } icmp-type echoreq $macro8 pass in quick on $macro3 proto tcp from to { $macro11 } port { telnet ssh} flags S/SAFR $macro8 pass in quick on $macro3 proto icmp from to { $macro11 } icmp-type echoreq $macro8 block in quick log from any to $macro11 pass in quick proto tcp from { $macro20 } to port { http } flags S/SAFR $macro8 pass in quick proto tcp from { $macro20 } to port { http https 5222 } flags S/SAFR $macro8 pass in quick proto tcp from { $macro20 } to port { ssh } flags S/SAFR $macro8 pass in quick proto tcp from { $macro20 } to port { http 8080 } flags S/SAFR $macro8 pass in quick proto tcp from { $macro20 } to port { http } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { } to { $macro20 } port { ssh 3389 } flags S/SAFR $macro8 pass in quick proto udp from { $macro20 } to port syslog $macro8 pass in quick proto { udp tcp } from { $macro20 } to port ntp $macro8 pass in quick on $macro1 proto tcp from to { $macro20 } port ftp flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from to { $macro20 } port > 1023 flags S/SAFR $macro8 pass in quick proto tcp from { $macro20 } to port ftp flags S/SAFR $macro8 pass in quick proto tcp from { $macro20 } to port > 1023 flags S/SAFR $macro8 pass in quick on { $macro1 $macro6 } proto tcp from { $macro21 } to { $macro20 } port { ssh https} flags S/SAFR $macro8 pass in quick on { $macro1 $macro6 } proto icmp from { $macro21 } to { $macro20 } icmp-type echoreq $macro8 pass in quick proto tcp from { $macro20 } to { $macro21 $macro20 } port { ssh https} flags S/SAFR $macro8 pass in quick proto udp from { $macro20 } to { } port { 53 } $macro8 pass in quick proto tcp from { $macro20 } to { } port { 53 } flags S/SAFR $macro8 pass in quick proto tcp from { $macro20 } to { $macro115 } port { smtp 465 } flags S/SAFR $macro8 pass in quick proto tcp from { $macro20 } to port 636 flags S/SAFR $macro8 pass in quick proto tcp from { $macro20 } to { $macro48 } port { https } flags S/SAFR $macro8 pass in quick proto icmp from { $macro20 } to { $macro20 $macro21 } icmp-type echoreq $macro8 pass in quick on $macro1 proto tcp from { } to { $macro90 } port { https} flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { } to { $macro90 } port { https } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro40 $macro41 $macro25 $macro27 } to { $macro90 } port { https} flags S/SAFR $macro8 pass in quick on $macro88 proto tcp from { $macro90 } to { $macro136 $macro101 } port { 8081 >< 8091 } flags S/SAFR $macro8 pass in quick on $macro88 proto tcp from { $macro90 } to { $macro150 } port { 44861 } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { } to { $macro93 } port { 5432 } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro37 $macro38 $macro26 $macro24 } to { $macro93 } port { 5432 } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { } to { $macro96 } port { ssh } flags S/SAFR $macro8 pass in quick on $macro94 proto tcp from { $macro96 } to { $macro22 $macro30 $macro31 $macro32 $macro33 $macro34 $macro35 $macro36 $macro45 $macro20 $macro21 $macro126 $macro129 } port { ssh telnet } flags S/SAFR $macro8 pass in quick on $macro94 proto tcp from { $macro96 } to { $macro120 } port { 1766 } flags S/SAFR $macro8 pass in quick on $macro94 proto tcp from { $macro96 } to { $macro126 } port { 80 81 } flags S/SAFR $macro8 pass in quick on { $macro99 $macro6 } proto tcp from { $macro101 } to { $macro101 } port { 3128 } flags S/SAFR $macro8 pass in quick on $macro99 proto tcp from { $macro101 } to { $macro43 } port { https } flags S/SAFR $macro8 pass in quick on $macro99 proto tcp from { $macro101 } to { $macro42 } port { 22 } flags S/SAFR $macro8 pass in quick on $macro99 proto tcp from { $macro106 } to { } port { 9000 9001 } flags S/SAFR $macro8 pass in quick on $macro99 proto tcp from { $macro107 } to { $macro23 } port { ssh } flags S/SAFR $macro8 pass in quick on $macro99 proto tcp from { $macro101 } to { } port { ssh } flags S/SAFR $macro8 pass in quick on $macro99 proto tcp from { $macro101 } to { $macro51 } port { 50001 } flags S/SAFR $macro8 pass in quick on $macro99 proto tcp from { $macro106 } to { $macro72 $macro73 $macro74 } port { http } flags S/SAFR $macro8 pass in quick on $macro99 proto tcp from { $macro102 } to { } port { http } flags S/SAFR $macro8 pass in quick on $macro99 proto tcp from { $macro102 } to { $macro57 } port { ftp >1023 } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro31 $macro22 } to { $macro110} port { 5432 5433 } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro21 $macro33 $macro36 $macro22 } to { $macro115 } port { smtp 465 } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro45 $macro22 $macro32 $macro33 $macro33 } to { $macro116 } port { 5432 5433 } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro22 } to { $macro122 } port { ssh } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro22 } to { $macro123 } port { ssh } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro45 } to { $macro114 } port { ssh } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro31 } to { $macro114 } port { ssh } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro39 $macro44 $macro63 $macro64 $macro65 } to { $macro121 } port { ssh } flags S/SAFR $macro8 pass in quick on $macro112 proto tcp from { $macro114 } to { $macro22 } port { ssh} flags S/SAFR $macro8 pass in quick on $macro112 proto tcp from { $macro114 } to { $macro30 $macro31 $macro32 $macro33 $macro34 $macro35 $macro36 $macro45 } port { ssh} flags S/SAFR $macro8 pass in quick on $macro112 proto tcp from { $macro114 } to { $macro129 } port { telnet } flags S/SAFR $macro8 pass in quick on $macro112 proto tcp from { $macro114 } to { $macro45 } port { ssh} flags S/SAFR $macro8 pass in quick on { $macro112 $macro6 } proto tcp from { $macro114 } to { $macro146 } port { 8080 } flags S/SAFR $macro8 pass in quick on $macro112 proto tcp from { $macro117 } to { $macro133 } port { 1433 } flags S/SAFR $macro8 pass in quick on { $macro124 $macro6 } proto udp from { $macro126 } to { $macro126 } port { snmp } $macro8 pass in quick on $macro130 proto tcp from { $macro133 } to { $macro126 } port { 5989 } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro49 $macro66 } to { $macro143 } port { 5432 } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro42 } to { $macro146 $macro68 } port > 1023 flags S/SAFR $macro8 pass in quick on { $macro144 $macro6 } proto tcp from { $macro146 } to { $macro146 } port { 8080 } flags S/SAFR $macro8 pass in quick on { $macro144 $macro6 } proto udp from { $macro146 } to { $macro20 } port { snmp 162 } $macro8 pass in quick on $macro144 proto tcp from { $macro146 } to { $macro118 $macro119 } port { 80} flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro146 } to { $macro42 } port { ssh } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro146 } to { } port { 3306 } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro146 } to { $macro52 $macro53 } port { https } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro146 } to { $macro55 } port { 1524 } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro146 } to { $macro69 } port { 1521 } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro146 } to { $macro70 } port { 9000 9001 } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro146 } to { $macro71 $macro73 $macro80 } port { http } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro146 } to { $macro57 $macro68 $macro42 } port { ftp >1023 } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro147 } to { $macro50 } port { ftp >1023 } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro147 } to { $macro74 } port { 5590 } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro147 } to { $macro62 $macro58 $macro75 $macro78 $macro59 $macro79 } port { http } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro147 } to { $macro76 $macro82 } port { 1521 } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro147 } to { $macro77 } port { 1433 } flags S/SAFR $macro8 pass in quick on $macro144 proto tcp from { $macro147 } to { $macro60 } port { 50001 } flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro42 } to { $macro136 } port > 1023 flags S/SAFR $macro8 pass in quick on { $macro134 $macro6 } proto tcp from { $macro136 } to { $macro136 } port { https } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { $macro22 } port { https } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { $macro30 $macro31 $macro32 $macro33 $macro34 $macro35 $macro36 $macro47 } port { https } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { $macro43 $macro47 } port { https } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { $macro101 } port { 3128 } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { } port { ssh } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { $macro118 $macro73 } port { http } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { $macro42 } port { ssh ftp } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { } port { 3306 } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { $macro56 } port { http https } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { $macro29 } port { 8399 >< 8500 } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { $macro61 } port { 44380 } flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { } port { telnet ssh } flags S/SAFR $macro8 pass in quick on $macro134 proto udp from { $macro136 } to { } port snmp $macro8 pass in quick on $macro134 proto icmp from { $macro136 } to { } icmp-type echoreq $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { } port ftp flags S/SAFR $macro8 pass in quick on $macro134 proto tcp from { $macro136 } to { } port > 1023 flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro42 } to { $macro150 } port > 1023 flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro22 $macro30 $macro31 $macro32 $macro33 $macro34 $macro35 $macro36 } port { https } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { } port { https } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro42 } port { ssh } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro151 } to { } port { 9000 9001 } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { } port { 3306 } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro52 $macro53 } port { https } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro56 } port { http https } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro55 } port { 1524 } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro69 } port { 1521 } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro70 } port { 9000 9001 } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro50 } port { ftp >1023 } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro74 } port { 5590 http } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro62 $macro58 $macro75 $macro71 $macro73 $macro80 $macro78 $macro59 $macro79 $macro80 $macro28 } port { http } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro76 $macro82 } port { 1521 } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro77 } port { 1433 } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro84 } port { telnet ssh } flags S/SAFR $macro8 pass in quick on $macro148 proto udp from { $macro150 } to { $macro84 } port snmp $macro8 pass in quick on $macro148 proto tcp from { $macro150 } to { $macro84 $macro68 $macro42 } port { ftp >1023 } flags S/SAFR $macro8 pass in quick on $macro148 proto icmp from { $macro150 } to { $macro84 } icmp-type echoreq $macro8 pass in quick on $macro1 proto tcp from { } to { $macro154 } port { https} flags S/SAFR $macro8 pass in quick on $macro1 proto tcp from { $macro42 } to { $macro154 } port > 1023 flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro68 } port > 1023 flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { } port { ssh } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro42 } port { ssh ftp } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro54 $macro83 } port { ssh https 20532 8443 } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro52 $macro53 } port { https } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro68 } port { ftp } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro50 } port { ssh ftp >1023} flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro56 } port { http https } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro57 } port { ftp >1023 } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro69 } port { 1521 } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro70 } port { 9000 9001 } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro62 $macro71 $macro75 $macro80 $macro78 $macro59 $macro79 $macro81 } port { http } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro76 $macro82 } port { 1521 } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro77 } port { 1433 } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro29 } port { 8399 >< 8500 } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro60 } port { 50001 } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro61 } port { 8080 } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro58 } port { http } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro74 } port { 5590 } flags S/SAFR $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro84 } port { telnet ssh } flags S/SAFR $macro8 pass in quick on $macro152 proto udp from { $macro154 } to { $macro84 } port snmp $macro8 pass in quick on $macro152 proto icmp from { $macro154 } to { $macro84 } icmp-type echoreq $macro8 pass in quick on $macro152 proto tcp from { $macro154 } to { $macro84 } port { ftp > 1023 } flags S/SAFR $macro8 pass in quick on $macro148 proto tcp from { $macro158 } to { $macro84 } port { telnet ssh } flags S/SAFR $macro8 pass in quick on $macro148 proto udp from { $macro158 } to { $macro84 } port snmp $macro8 pass in quick on $macro148 proto icmp from { $macro158 } to { $macro84 } icmp-type echoreq $macro8 block in quick proto { tcp udp } from any to any port { 134 >< 140 445 } block in quick proto { tcp udp } from any to any port 1434 block in quick from any to 225.108.194.38/32 block in quick proto udp from any to 62.105.22.136/32 port 1985 block quick log all