Did you open the passive ports as well?

you really are using ipfw?

If you're forwarding traffic then no connection will be made to the pfSense host and there's no point in installing your SSL certificate on the pfSense host.

@jimp: If the checksums are done in hardware, software tools will often think they aren't right even though they are correct, but were handled at the hardware level. If you suspect it's the hardware checksums, there is a checkbox under the Advanced options to turn them off. It wasn't clear from your message if you had already tried this step. Yup, that was it. Thx m8. It's now working smooth. :)

changing any rules will not affect existing states.  you can go to the diagnostics page and in the states menu, click on reset states (or as you did, just restart the server using that rule.)

Thanks all, Now i'm still struggling with trying to create a bridge..  :/

Conclusions: Through my testing and experimentation I found that by setting the 'DNS Forwarder' to 'Register DHCP leases/static mappings in DNS forwarder' and entering the 'NetBIOS Name' when adding a static DHCP Address to the 'DHCP server' the systems can be accessed via their NetBIOS name, ‘**\sharehost**’, then that will give you access to their share dir view, and browse the systems’ shared folders accross the subnets in both directions without issue. I was unable, at this point, to find a configuration that allowed one system to “scan” from one subnet to another for CIFS shares despite firewall rules allowing traffic and being in the same Workgroup. I will investigate Samba4WINS and see what else I can come up with. Thanks all for your input and help. Cheers

I am looking from the web interface and …. what red cross ????? There are no red crosses anywhere on my log window. And then I changed the view .... there is the red cross on the simple view .... when viewing in raw format there is no red cross - and I've only been using pFsense 2 years  :-[

Remember that your 'pass' rules must be top of the list (unless you have block rules). @wahran: I am not sure what you mean by the "rig for LAN1" ? I basically have an atom based PC with 2 Gig LAN interface and atheros mini-pcix wifi interface. I cannot use this box as the main router, as I don't have control over that part (i.e. the 2.0 LAN). What I have is: << LAN on 192.168.2.0 >> – gigLAN1 192.168.2.100<< PfSense Box >> -- gigLAN2 192.168.3.1 LAN                                                                                                 |-- OPT Wifi on 192.168.4.1 WLAN I am running DHCP on both the 3.0 and 4.0 LANs. Everything works fine, expect that I need to be able to access the 3.0 and 4.0 LANs from the 2.0 side. I have static routes on the 2.0 side pointing to the the 3.1 and 4.1 gateways, which I can ping. But I cannot see any other systems hooked up on either the 3.0 or 4.0 networks. Thanks. What I meant was if it is pfS Connecting you to the net or a basic router but you've answered that now. To be honest it sounds like your don't have proper rules set on your 3.0 and 4.0 segments to allow traffic the ping traffic to pass back to the 2.0 network. Try enabling 'Bypass firewall rules for traffic on the same interface' under 'System > Advanced Functions' or create a aliais for the 2 and 3/4 networks on each box: 2.0 Name: netpass | Type: Network(s) | Networks: 192.168.3.0/24, 192.168.4.0/24 netpass  192.168.3.0/24, 192.168.4.0/24  Network aliais 3.0 / 4.0: Name: netpass | Type: Network(s) | Networks: 192.168.2.0/24 netpass  192.168.2.0/24 Network aliais the setup a pass rules on the interfaces that the traffic is INBOUND on: (which in your case is WAN) *  netpass  *  *  *  *    Network Traffic Pass I may get yelled at for that being wrong but try that out and see if you what results you get. Also, were you able to ping from 3.0 or 4.0 to 2.0?

I actually figured out the problem. When I bridged the interface, I also added an entry in the gateway field. Once I read the description a few times this morning, I figured out that it should have been blank. Sure enough, blanking that field fixed my problems. Now I'm on to re-creating all the old rules then seeing it I can't use the old Firebox and get rid of the bulky 300PL I'm currently using.

In the GUI, go to Firewall/Aliases and you can make aliases for the port(s) you want to have custom names to.

For starters, don't post a new problem to an old thread, start a new one. (I have split your post into a new topic) Secondly, make sure you are allowing those connections on the server in question. It may have local firewall rules on it that prevent the connections, even if pfSense is allowing them through.

pfctl -sn nat-anchor "pftpx/" all nat-anchor "natearly/" all nat-anchor "natrules/" all nat on le0 inet from 192.168.0.0/16 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin nat on ng0 inet from 192.168.0.0/16 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin nat on le0 inet from 192.168.0.0/16 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin nat on ng0 inet from 192.168.0.0/16 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin nat on le0 inet from 192.168.0.0/16 to any -> (ng0) port 1024:65535 round-robin nat on ng0 inet from 192.168.0.0/16 to any -> (ng0) port 1024:65535 round-robin rdr-anchor "pftpx/" all rdr-anchor "slb" all no rdr on le1 proto tcp from any to <vpns>port = ftp rdr on le1 inet proto tcp from any to any port = ftp -> 127.0.0.1 port 8021 rdr-anchor "imspector" all rdr-anchor "miniupnpd" all pfctl -sr scrub all random-id max-mss 1452 fragment reassemble block drop in all label "SHAPER: first match rule" tag unshaped pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesUp tagged unshaped pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesUp tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesDown tagged qGamesUp pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesUp tagged unshaped pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesUp tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesDown tagged qGamesUp pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 3074 keep state tag qGamesDown tagged unshaped pass out on le0 proto udp from any to any port = 3074 keep state tag qGamesUp tagged qGamesDown pass out on ng0 proto udp from any to any port = 3074 keep state tag qGamesUp tagged qGamesDown pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 3074 flags S/SA keep state tag qGamesDown tagged unshaped pass out on le0 proto tcp from any to any port = 3074 flags S/SA keep state tag qGamesUp tagged qGamesDown pass out on ng0 proto tcp from any to any port = 3074 flags S/SA keep state tag qGamesUp tagged qGamesDown pass in on le1 inet proto udp from 192.168.0.0/16 to any port = kerberos-sec keep state tag qGamesDown tagged unshaped pass out on le0 proto udp from any to any port = kerberos-sec keep state tag qGamesUp tagged qGamesDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesUp tagged unshaped pass out on ng0 proto udp from any to any port = kerberos-sec keep state tag qGamesUp tagged qGamesDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesDown tagged qGamesUp pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 3074 keep state tag qGamesDown tagged unshaped pass out on le0 proto udp from any to any port = 3074 keep state tag qGamesUp tagged qGamesDown pass in on le0 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesUp tagged unshaped pass out on ng0 proto udp from any to any port = 3074 keep state tag qGamesUp tagged qGamesDown pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesUp tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesDown tagged qGamesUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 3074 flags S/SA keep state tag qGamesDown tagged unshaped pass out on le0 proto tcp from any to any port = 3074 flags S/SA keep state tag qGamesUp tagged qGamesDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesUp tagged unshaped pass out on ng0 proto tcp from any to any port = 3074 flags S/SA keep state tag qGamesUp tagged qGamesDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesDown tagged qGamesUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 6112:6119 flags S/SA keep state tag qGamesDown tagged unshaped pass out on le0 proto tcp from any to any port 6112:6119 flags S/SA keep state tag qGamesUp tagged qGamesDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 6112:6119 flags S/SA keep state tag qGamesUp tagged unshaped pass out on ng0 proto tcp from any to any port 6112:6119 flags S/SA keep state tag qGamesUp tagged qGamesDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 6112:6119 flags S/SA keep state tag qGamesUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 6112:6119 flags S/SA keep state tag qGamesDown tagged qGamesUp pass in on le1 inet proto udp from 192.168.0.0/16 to any port = kerberos-sec keep state tag qGamesDown tagged unshaped pass out on le0 proto udp from any to any port = kerberos-sec keep state tag qGamesUp tagged qGamesDown pass in on le0 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesUp tagged unshaped pass out on ng0 proto udp from any to any port = kerberos-sec keep state tag qGamesUp tagged qGamesDown pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesUp tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesDown tagged qGamesUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = smtp flags S/SA keep state tag qOthersDownH tagged unshaped pass out on le0 proto tcp from any to any port = smtp flags S/SA keep state tag qOthersUpH tagged qOthersDownH pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = smtp flags S/SA keep state tag qOthersUpH tagged unshaped pass out on ng0 proto tcp from any to any port = smtp flags S/SA keep state tag qOthersUpH tagged qOthersDownH pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = smtp flags S/SA keep state tag qOthersUpH tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = smtp flags S/SA keep state tag qOthersDownH tagged qOthersUpH pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = rtsp flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = rtsp flags S/SA keep state tag qwandef tagged qlandef pass out on ng0 proto tcp from any to any port = rtsp flags S/SA keep state tag qwandef tagged qlandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = snmp flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = snmp flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = rtsp flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = snmp flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = rtsp flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = rtsp flags S/SA keep state tag qlandef tagged qwandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 137:139 flags S/SA keep state tag qwandef tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 137:139 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 137:139 flags S/SA keep state tag qlandef tagged qwandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = microsoft-ds flags S/SA keep state tag qwandef tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = microsoft-ds flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = microsoft-ds flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = http flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = http flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = http flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = http flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = http flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = http flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = https flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = https flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto udp from any to 192.168.0.0/16 port = domain keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = https flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = domain keep state tag qwandef tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = domain keep state tag qlandef tagged qwandef pass in on le1 inet proto udp from 192.168.0.0/16 to any port = domain keep state tag qlandef tagged unshaped pass out on le0 proto udp from any to any port = domain keep state tag qwandef tagged qlandef pass out on ng0 proto udp from any to any port = domain keep state tag qwandef tagged qlandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = domain flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = domain flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = domain flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = domain flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = domain flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = domain flags S/SA keep state tag qlandef tagged qwandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = https flags S/SA keep state tag qwandef tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = https flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = https flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = pop3 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = pop3 flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = imap flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = pop3 flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = imap flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = imap flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = microsoft-ds flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = microsoft-ds flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = snmp flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = microsoft-ds flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = snmp flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = snmp flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = imap flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = imap flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto icmp from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = imap flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto icmp from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped pass out on le1 inet proto icmp from any to 192.168.0.0/16 keep state tag qlandef tagged qwandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = pop3 flags S/SA keep state tag qwandef tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = pop3 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = pop3 flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto icmp from 192.168.0.0/16 to any keep state tag qlandef tagged unshaped pass out on le0 proto icmp all keep state tag qwandef tagged qlandef pass out on ng0 proto icmp all keep state tag qwandef tagged qlandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 137:139 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port 137:139 flags S/SA keep state tag qwandef tagged qlandef pass out on ng0 proto tcp from any to any port 137:139 flags S/SA keep state tag qwandef tagged qlandef pass in on le1 inet proto udp from 192.168.0.0/16 to any port = snmp keep state tag qlandef tagged unshaped pass out on le0 proto udp from any to any port = snmp keep state tag qwandef tagged qlandef pass in on le0 inet proto udp from any to 192.168.0.0/16 port = nntp keep state tag qwandef tagged unshaped pass out on ng0 proto udp from any to any port = snmp keep state tag qwandef tagged qlandef pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = nntp keep state tag qwandef tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = nntp keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 5631 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = 5631 flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 5631 flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = 5631 flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 5631 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 5631 flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto udp from 192.168.0.0/16 to any port = nntp keep state tag qlandef tagged unshaped pass out on le0 proto udp from any to any port = nntp keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = nntp flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto udp from any to any port = nntp keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = nntp flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = nntp flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 3306 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = 3306 flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 3306 flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = 3306 flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 3306 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 3306 flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = nntp flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = nntp flags S/SA keep state tag qwandef tagged qlandef pass out on ng0 proto tcp from any to any port = nntp flags S/SA keep state tag qwandef tagged qlandef pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 5632 keep state tag qlandef tagged unshaped pass out on le0 proto udp from any to any port = 5632 keep state tag qwandef tagged qlandef pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 5632 keep state tag qwandef tagged unshaped pass out on ng0 proto udp from any to any port = 5632 keep state tag qwandef tagged qlandef pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 5632 keep state tag qwandef tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 5632 keep state tag qlandef tagged qwandef pass in on le0 inet proto udp from any to 192.168.0.0/16 port 8767:8768 keep state tag qwandef tagged unshaped pass in on ng0 inet proto udp from any to 192.168.0.0/16 port 8767:8768 keep state tag qwandef tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port 8767:8768 keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = cvsup flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = cvsup flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = cvsup flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = cvsup flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = cvsup flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = cvsup flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto udp from 192.168.0.0/16 to any port 8767:8768 keep state tag qlandef tagged unshaped pass out on le0 proto udp from any to any port 8767:8768 keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 51234 flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto udp from any to any port 8767:8768 keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 51234 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 51234 flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 14534 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = 14534 flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 14534 flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = 14534 flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 14534 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 14534 flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 51234 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = 51234 flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto udp from any to 192.168.0.0/16 port = lotusnote keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = 51234 flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = lotusnote keep state tag qwandef tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = lotusnote keep state tag qlandef tagged qwandef pass in on le1 inet proto udp from 192.168.0.0/16 to any port = lotusnote keep state tag qlandef tagged unshaped pass out on le0 proto udp from any to any port = lotusnote keep state tag qwandef tagged qlandef pass out on ng0 proto udp from any to any port = lotusnote keep state tag qwandef tagged qlandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 5900 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = 5900 flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 5900 flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = 5900 flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 5900 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 5900 flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 3283 keep state tag qlandef tagged unshaped pass out on le0 proto udp from any to any port = 3283 keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 3283 flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto udp from any to any port = 3283 keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 3283 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 3283 flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 3283 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = 3283 flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto udp from any to 192.168.0.0/16 port = snmp keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = 3283 flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = snmp keep state tag qwandef tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = snmp keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 5900:5930 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port 5900:5930 flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 5900:5930 flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port 5900:5930 flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 5900:5930 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 5900:5930 flags S/SA keep state tag qlandef tagged qwandef pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 3283 keep state tag qwandef tagged unshaped pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 3283 keep state tag qwandef tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 3283 keep state tag qlandef tagged qwandef pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 5900 keep state tag qlandef tagged unshaped pass out on le0 proto udp from any to any port = 5900 keep state tag qwandef tagged qlandef pass in on le0 inet proto udp from any to 192.168.0.0/16 port = aol keep state tag qwandef tagged unshaped pass out on ng0 proto udp from any to any port = 5900 keep state tag qwandef tagged qlandef pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = aol keep state tag qwandef tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = aol keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = lotusnote flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = lotusnote flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = lotusnote flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = lotusnote flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = lotusnote flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = lotusnote flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto udp from 192.168.0.0/16 to any port = aol keep state tag qlandef tagged unshaped pass out on le0 proto udp from any to any port = aol keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto udp from any to any port = aol keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qlandef tagged qwandef pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 5900 keep state tag qwandef tagged unshaped pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 5900 keep state tag qwandef tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 5900 keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = aol flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = aol flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = jabber-server flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = aol flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = jabber-server flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = jabber-server flags S/SA keep state tag qlandef tagged qwandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 8000:8100 flags S/SA keep state tag qwandef tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 8000:8100 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 8000:8100 flags S/SA keep state tag qlandef tagged qwandef pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 6346 keep state tag qP2PUp tagged unshaped pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 6346 keep state tag qP2PUp tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 6346 keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 8038:8039 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port 8038:8039 flags S/SA keep state tag qP2PUp tagged qP2PDown pass out on ng0 proto tcp from any to any port 8038:8039 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 6346 keep state tag qP2PDown tagged unshaped pass out on le0 proto udp from any to any port = 6346 keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto udp from any to any port = 6346 keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 4661:4665 flags S/SA keep state tag qP2PUp tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 4661:4665 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 4661:4665 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 6346 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port = 6346 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 8038:8039 flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto tcp from any to any port = 6346 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 8038:8039 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 8038:8039 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 28864:28865 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port 28864:28865 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 4329 flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto tcp from any to any port 28864:28865 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 4329 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 4329 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 6699:6701 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port 6699:6701 flags S/SA keep state tag qP2PUp tagged qP2PDown pass out on ng0 proto tcp from any to any port 6699:6701 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 4329 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port = 4329 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 5500:5503 flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto tcp from any to any port = 4329 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 5500:5503 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 5500:5503 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 28864:28865 flags S/SA keep state tag qP2PUp tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 28864:28865 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 28864:28865 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 5500:5503 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port 5500:5503 flags S/SA keep state tag qP2PUp tagged qP2PDown pass out on ng0 proto tcp from any to any port 5500:5503 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 4661:4665 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port 4661:4665 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 1044:1045 flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto tcp from any to any port 4661:4665 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 1044:1045 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 1044:1045 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le0 inet proto udp from any to 192.168.0.0/16 port 6881:6999 keep state tag qP2PUp tagged unshaped pass in on ng0 inet proto udp from any to 192.168.0.0/16 port 6881:6999 keep state tag qP2PUp tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port 6881:6999 keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 7788 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port = 7788 flags S/SA keep state tag qP2PUp tagged qP2PDown pass out on ng0 proto tcp from any to any port = 7788 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le1 inet proto udp from 192.168.0.0/16 to any port 6881:6999 keep state tag qP2PDown tagged unshaped pass out on le0 proto udp from any to any port 6881:6999 keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 6881:6999 flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto udp from any to any port 6881:6999 keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 6881:6999 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 6881:6999 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 7668 flags S/SA keep state tag qP2PUp tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 7668 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 7668 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 6881:6999 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port 6881:6999 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 7788 flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto tcp from any to any port 6881:6999 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 7788 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 7788 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 2340 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port = 2340 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = synoptics-trap flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto tcp from any to any port = 2340 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = synoptics-trap flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = synoptics-trap flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 1044:1045 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port 1044:1045 flags S/SA keep state tag qP2PUp tagged qP2PDown pass out on ng0 proto tcp from any to any port 1044:1045 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = synoptics-trap flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port = synoptics-trap flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 6666:6668 flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto tcp from any to any port = synoptics-trap flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 6666:6668 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 6666:6668 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 2340 flags S/SA keep state tag qP2PUp tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 2340 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 2340 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 6666:6668 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port 6666:6668 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 6699:6701 flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto tcp from any to any port 6666:6668 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 6699:6701 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 6699:6701 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 8888:8889 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port 8888:8889 flags S/SA keep state tag qP2PUp tagged qP2PDown pass out on ng0 proto tcp from any to any port 8888:8889 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le1 inet proto esp from 192.168.0.0/16 to any keep state tag qlandef tagged unshaped pass out on le0 proto esp all keep state tag qwandef tagged qlandef pass in on le0 inet proto esp from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped pass out on ng0 proto esp all keep state tag qwandef tagged qlandef pass in on ng0 inet proto esp from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped pass out on le1 inet proto esp from any to 192.168.0.0/16 keep state tag qlandef tagged qwandef pass in on le0 inet proto ah from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped pass in on ng0 inet proto ah from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped pass out on le1 inet proto ah from any to 192.168.0.0/16 keep state tag qlandef tagged qwandef pass in on le1 inet proto ah from 192.168.0.0/16 to any keep state tag qlandef tagged unshaped pass out on le0 proto ah all keep state tag qwandef tagged qlandef pass out on ng0 proto ah all keep state tag qwandef tagged qlandef pass in on le1 inet proto udp from 192.168.0.0/16 to any port = isakmp keep state tag qlandef tagged unshaped pass out on le0 proto udp from any to any port = isakmp keep state tag qwandef tagged qlandef pass in on le0 inet proto udp from any to 192.168.0.0/16 port = isakmp keep state tag qwandef tagged unshaped pass out on ng0 proto udp from any to any port = isakmp keep state tag qwandef tagged qlandef pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = isakmp keep state tag qwandef tagged unshaped pass out on le1 inet proto udp from any to 192.168.0.0/16 port = isakmp keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 8000:8100 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port 8000:8100 flags S/SA keep state tag qwandef tagged qlandef pass out on ng0 proto tcp from any to any port 8000:8100 flags S/SA keep state tag qwandef tagged qlandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 7668 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port = 7668 flags S/SA keep state tag qP2PUp tagged qP2PDown pass out on ng0 proto tcp from any to any port = 7668 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 5223 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = 5223 flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 5223 flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = 5223 flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 5223 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 5223 flags S/SA keep state tag qlandef tagged qwandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = jabber-client flags S/SA keep state tag qwandef tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = jabber-client flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = jabber-client flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = jabber-client flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = jabber-client flags S/SA keep state tag qwandef tagged qlandef pass out on ng0 proto tcp from any to any port = jabber-client flags S/SA keep state tag qwandef tagged qlandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 6667:6670 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port 6667:6670 flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 6667:6670 flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port 6667:6670 flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 6667:6670 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 6667:6670 flags S/SA keep state tag qlandef tagged qwandef pass in on le0 inet proto gre from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped pass in on ng0 inet proto gre from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped pass out on le1 inet proto gre from any to 192.168.0.0/16 keep state tag qlandef tagged qwandef pass in on le1 inet proto gre from 192.168.0.0/16 to any keep state tag qlandef tagged unshaped pass out on le0 proto gre all keep state tag qwandef tagged qlandef pass out on ng0 proto gre all keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PUp tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = aol flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port = aol flags S/SA keep state tag qP2PUp tagged qP2PDown pass out on ng0 proto tcp from any to any port = aol flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 6346 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port = 6346 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 8311 flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto tcp from any to any port = 6346 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 8311 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 8311 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 8888:8889 flags S/SA keep state tag qP2PUp tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 8888:8889 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 8888:8889 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 8311 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port = 8311 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qP2PUp tagged unshaped pass out on ng0 proto tcp from any to any port = 8311 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 6699 flags S/SA keep state tag qP2PDown tagged unshaped pass out on le0 proto tcp from any to any port = 6699 flags S/SA keep state tag qP2PUp tagged qP2PDown pass out on ng0 proto tcp from any to any port = 6699 flags S/SA keep state tag qP2PUp tagged qP2PDown pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = pptp flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = pptp flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = pptp flags S/SA keep state tag qwandef tagged unshaped pass out on ng0 proto tcp from any to any port = pptp flags S/SA keep state tag qwandef tagged qlandef pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = pptp flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = pptp flags S/SA keep state tag qlandef tagged qwandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 3389 flags S/SA keep state tag qwandef tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 3389 flags S/SA keep state tag qwandef tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 3389 flags S/SA keep state tag qlandef tagged qwandef pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 3389 flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = 3389 flags S/SA keep state tag qwandef tagged qlandef pass out on ng0 proto tcp from any to any port = 3389 flags S/SA keep state tag qwandef tagged qlandef pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 6699 flags S/SA keep state tag qP2PUp tagged unshaped pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 6699 flags S/SA keep state tag qP2PUp tagged unshaped pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 6699 flags S/SA keep state tag qP2PDown tagged qP2PUp pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = jabber-server flags S/SA keep state tag qlandef tagged unshaped pass out on le0 proto tcp from any to any port = jabber-server flags S/SA keep state tag qwandef tagged qlandef pass out on ng0 proto tcp from any to any port = jabber-server flags S/SA keep state tag qwandef tagged qlandef anchor "ftpsesame/" all anchor "firewallrules" all block drop quick proto tcp from any port = 0 to any block drop quick proto tcp from any to any port = 0 block drop quick proto udp from any port = 0 to any block drop quick proto udp from any to any port = 0 block drop quick from <snort2c>to any label "Block snort2c hosts" block drop quick from any to <snort2c>label "Block snort2c hosts" block drop in quick inet6 all block drop out quick inet6 all anchor "loopback" all pass in quick on lo0 all flags S/SA keep state label "pass loopback" pass out quick on lo0 all flags S/SA keep state label "pass loopback" anchor "packageearly" all anchor "carp" all pass quick inet proto icmp from 81.11.184.59 to any keep state anchor "dhcpserverlan" all pass in quick on le1 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server on LAN" pass in quick on le1 inet proto udp from any port = bootpc to 192.168.5.1 port = bootps keep state label "allow access to DHCP server on LAN" pass out quick on le1 inet proto udp from 192.168.5.1 port = bootps to any port = bootpc keep state label "allow access to DHCP server on LAN" block drop in log quick on le0 inet proto udp from any port = bootps to 192.168.0.0/16 port = bootpc label "block dhcp client out wan" block drop in log quick on ng0 inet proto udp from any port = bootps to 192.168.0.0/16 port = bootpc label "block dhcp client out wan" block drop in on ! le1 inet from 192.168.0.0/16 to any block drop in inet from 192.168.5.1 to any block drop in on le1 inet6 from fe80::20c:29ff:febe:2472 to any anchor "spoofing" all anchor "spoofing" all block drop in on le0 inet6 from fe80::20c:29ff:febe:2468 to any block drop in on ng0 inet6 from fe80::20c:29ff:febe:2468 to any block drop in on ! ng0 inet from 81.11.184.59 to any block drop in inet from 81.11.184.59 to any block drop in log quick on le0 inet from 10.0.0.0/8 to any label "block private networks from wan block 10/8" block drop in log quick on ng0 inet from 10.0.0.0/8 to any label "block private networks from wan block 10/8" block drop in log quick on le0 inet from 127.0.0.0/8 to any label "block private networks from wan block 127/8" block drop in log quick on ng0 inet from 127.0.0.0/8 to any label "block private networks from wan block 127/8" block drop in log quick on le0 inet from 172.16.0.0/12 to any label "block private networks from wan block 172.16/12" block drop in log quick on ng0 inet from 172.16.0.0/12 to any label "block private networks from wan block 172.16/12" block drop in log quick on le0 inet from 192.168.0.0/16 to any label "block private networks from wan block 192.168/16" block drop in log quick on ng0 inet from 192.168.0.0/16 to any label "block private networks from wan block 192.168/16" anchor "limitingesr" all block drop in quick from <virusprot>to any label "virusprot overload table" anchor "wanbogons" all block drop in log quick on le0 from <bogons>to any label "block bogon networks from wan" block drop in log quick on ng0 from <bogons>to any label "block bogon networks from wan" anchor "firewallout" all pass out quick on le0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qwandef, qwanacks) tagged qwandef pass out quick on ng0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qwandef, qwanacks) tagged qwandef pass out quick on le0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qP2PUp, qwanacks) tagged qP2PUp pass out quick on ng0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qP2PUp, qwanacks) tagged qP2PUp pass out quick on le0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qGamesUp, qwanacks) tagged qGamesUp pass out quick on ng0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qGamesUp, qwanacks) tagged qGamesUp pass out quick on le0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qOthersUpH, qwanacks) tagged qOthersUpH pass out quick on ng0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qOthersUpH, qwanacks) tagged qOthersUpH pass out quick on le0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qwandef, qwanacks) pass out quick on ng0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qwandef, qwanacks) pass out quick on le1 all flags S/SA keep state label "let out anything from firewall host itself" queue(qlandef, qlanacks) tagged qlandef pass out quick on le1 all flags S/SA keep state label "let out anything from firewall host itself" queue(qP2PDown, qlanacks) tagged qP2PDown pass out quick on le1 all flags S/SA keep state label "let out anything from firewall host itself" queue(qGamesDown, qlanacks) tagged qGamesDown pass out quick on le1 all flags S/SA keep state label "let out anything from firewall host itself" queue(qOthersDownH, qlanacks) tagged qOthersDownH pass out quick on le1 all flags S/SA keep state label "let out anything from firewall host itself" queue(qlandef, qlanacks) pass out quick on le2 all flags S/SA keep state label "let out anything from firewall host itself" pass out quick on enc0 all flags S/SA keep state label "IPSEC internal host to host" pass out quick on ng0 proto icmp all keep state (tcp.closed 5) label "let out anything from firewall host itself" anchor "anti-lockout" all pass in quick on le1 inet from any to 192.168.5.1 flags S/SA keep state label "anti-lockout web rule" block drop in log quick proto tcp from <sshlockout>to any port = ssh label "sshlockout" anchor "ftpproxy" all anchor "pftpx/" all anchor "qwanRoot" all tagged qwanRoot anchor "qlanRoot" all tagged qlanRoot anchor "qwandef" all tagged qwandef anchor "qlandef" all tagged qlandef anchor "qwanacks" all tagged qwanacks anchor "qlanacks" all tagged qlanacks anchor "qP2PUp" all tagged qP2PUp anchor "qP2PDown" all tagged qP2PDown anchor "qGamesUp" all tagged qGamesUp anchor "qGamesDown" all tagged qGamesDown anchor "qOthersUpH" all tagged qOthersUpH anchor "qOthersDownH" all tagged qOthersDownH anchor "qOthersUpL" all tagged qOthersUpL anchor "qOthersDownL" all tagged qOthersDownL pass in log quick on le0 inet proto tcp from 212.123.16.0/20 to any flags S/SA keep state label "USER_RULE" queue(qwandef, qwanacks) pass in log quick on le0 inet proto udp from 212.123.16.0/20 to any keep state label "USER_RULE" queue(qwandef, qwanacks) pass in log quick on ng0 inet proto tcp from 212.123.16.0/20 to any flags S/SA keep state label "USER_RULE" queue(qwandef, qwanacks) pass in log quick on ng0 inet proto udp from 212.123.16.0/20 to any keep state label "USER_RULE" queue(qwandef, qwanacks) pass in quick on le1 inet from 192.168.0.0/16 to any flags S/SA keep state label "USER_RULE: Default LAN -> any" queue(qlandef, qlanacks) pass in quick on le1 inet proto tcp from any to 127.0.0.1 port = ftp-proxy flags S/SA keep state label "FTP PROXY: Allow traffic to localhost" pass in quick on le1 inet proto tcp from any to 127.0.0.1 port = ftp flags S/SA keep state label "FTP PROXY: Allow traffic to localhost" pass in quick on ng0 inet proto tcp from any port = ftp-data to (ng0) port > 49000 flags S/SA keep state label "FTP PROXY: PASV mode data connection" anchor "imspector" all anchor "miniupnpd" all block drop in log quick all label "Default deny rule" block drop out log quick all label "Default deny rule" pfctl -ss all udp 192.168.5.1:4007 -> 239.255.255.250:1900      SINGLE:NO_TRAFFIC all tcp 209.85.229.99:80 <- 192.168.2.2:1035      FIN_WAIT_2:ESTABLISHED all tcp 192.168.2.2:1035 -> 81.11.184.59:34808 -> 209.85.229.99:80      ESTABLISHED:FIN_WAIT_2 all tcp 64.4.34.78:1863 <- 192.168.2.2:1041      ESTABLISHED:ESTABLISHED all tcp 192.168.2.2:1041 -> 81.11.184.59:16705 -> 64.4.34.78:1863      ESTABLISHED:ESTABLISHED all tcp 81.11.184.59:80 <- 212.123.26.190:1093      FIN_WAIT_2:FIN_WAIT_2 all tcp 207.46.113.78:443 <- 192.168.2.2:1068      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1068 -> 81.11.184.59:44237 -> 207.46.113.78:443      TIME_WAIT:TIME_WAIT all tcp 65.54.167.92:80 <- 192.168.2.2:1070      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1070 -> 81.11.184.59:31418 -> 65.54.167.92:80      TIME_WAIT:TIME_WAIT all tcp 207.46.216.54:80 <- 192.168.2.2:1075      ESTABLISHED:ESTABLISHED all tcp 192.168.2.2:1075 -> 81.11.184.59:63614 -> 207.46.216.54:80      ESTABLISHED:ESTABLISHED all tcp 64.4.20.186:80 <- 192.168.2.2:1079      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1079 -> 81.11.184.59:13475 -> 64.4.20.186:80      TIME_WAIT:TIME_WAIT all tcp 64.4.20.186:80 <- 192.168.2.2:1085      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1085 -> 81.11.184.59:61698 -> 64.4.20.186:80      TIME_WAIT:TIME_WAIT all tcp 194.78.100.17:80 <- 192.168.2.2:1087      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1087 -> 81.11.184.59:7202 -> 194.78.100.17:80      TIME_WAIT:TIME_WAIT all tcp 65.55.206.60:80 <- 192.168.2.2:1090      ESTABLISHED:ESTABLISHED all tcp 192.168.2.2:1090 -> 81.11.184.59:18712 -> 65.55.206.60:80      ESTABLISHED:ESTABLISHED all tcp 204.160.98.126:80 <- 192.168.2.2:1091      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1091 -> 81.11.184.59:47682 -> 204.160.98.126:80      TIME_WAIT:TIME_WAIT all tcp 209.84.7.126:80 <- 192.168.2.2:1092      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1092 -> 81.11.184.59:46978 -> 209.84.7.126:80      TIME_WAIT:TIME_WAIT all tcp 213.246.206.102:80 <- 192.168.2.2:1093      FIN_WAIT_2:FIN_WAIT_2 all tcp 192.168.2.2:1093 -> 81.11.184.59:47676 -> 213.246.206.102:80      FIN_WAIT_2:FIN_WAIT_2 all tcp 212.35.126.188:80 <- 192.168.2.2:1094      FIN_WAIT_2:FIN_WAIT_2 all tcp 192.168.2.2:1094 -> 81.11.184.59:64680 -> 212.35.126.188:80      FIN_WAIT_2:FIN_WAIT_2 all tcp 213.199.141.140:80 <- 192.168.2.2:1095      ESTABLISHED:ESTABLISHED all tcp 192.168.2.2:1095 -> 81.11.184.59:7986 -> 213.199.141.140:80      ESTABLISHED:ESTABLISHED all tcp 213.199.141.139:80 <- 192.168.2.2:1096      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1096 -> 81.11.184.59:54173 -> 213.199.141.139:80      TIME_WAIT:TIME_WAIT all tcp 65.54.89.62:80 <- 192.168.2.2:1097      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1097 -> 81.11.184.59:44686 -> 65.54.89.62:80      TIME_WAIT:TIME_WAIT all tcp 194.129.79.21:80 <- 192.168.2.2:1098      FIN_WAIT_2:FIN_WAIT_2 all tcp 192.168.2.2:1098 -> 81.11.184.59:34311 -> 194.129.79.21:80      FIN_WAIT_2:FIN_WAIT_2 all tcp 213.246.206.102:80 <- 192.168.2.2:1099      FIN_WAIT_2:FIN_WAIT_2 all tcp 192.168.2.2:1099 -> 81.11.184.59:41605 -> 213.246.206.102:80      FIN_WAIT_2:FIN_WAIT_2 all tcp 212.35.126.188:80 <- 192.168.2.2:1100      FIN_WAIT_2:FIN_WAIT_2 all tcp 192.168.2.2:1100 -> 81.11.184.59:40556 -> 212.35.126.188:80      FIN_WAIT_2:FIN_WAIT_2 all tcp 209.85.229.148:80 <- 192.168.2.2:1101      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1101 -> 81.11.184.59:39817 -> 209.85.229.148:80      TIME_WAIT:TIME_WAIT all tcp 209.85.229.148:80 <- 192.168.2.2:1102      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1102 -> 81.11.184.59:32644 -> 209.85.229.148:80      TIME_WAIT:TIME_WAIT all tcp 194.78.100.17:80 <- 192.168.2.2:1103      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1103 -> 81.11.184.59:22993 -> 194.78.100.17:80      TIME_WAIT:TIME_WAIT all tcp 81.11.184.59:80 <- 212.123.26.190:1107      ESTABLISHED:ESTABLISHED all tcp 194.78.100.17:80 <- 192.168.2.2:1104      ESTABLISHED:ESTABLISHED all tcp 192.168.2.2:1104 -> 81.11.184.59:29878 -> 194.78.100.17:80      ESTABLISHED:ESTABLISHED all tcp 213.246.206.102:80 <- 192.168.2.2:1105      FIN_WAIT_2:FIN_WAIT_2 all tcp 192.168.2.2:1105 -> 81.11.184.59:36488 -> 213.246.206.102:80      FIN_WAIT_2:FIN_WAIT_2 all tcp 212.35.126.188:80 <- 192.168.2.2:1106      FIN_WAIT_2:FIN_WAIT_2 all tcp 192.168.2.2:1106 -> 81.11.184.59:64930 -> 212.35.126.188:80      FIN_WAIT_2:FIN_WAIT_2 all tcp 213.199.141.139:80 <- 192.168.2.2:1107      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1107 -> 81.11.184.59:62799 -> 213.199.141.139:80      TIME_WAIT:TIME_WAIT all tcp 194.129.79.21:80 <- 192.168.2.2:1108      FIN_WAIT_2:FIN_WAIT_2 all tcp 192.168.2.2:1108 -> 81.11.184.59:47571 -> 194.129.79.21:80      FIN_WAIT_2:FIN_WAIT_2 all tcp 65.54.89.49:80 <- 192.168.2.2:1109      TIME_WAIT:TIME_WAIT all tcp 192.168.2.2:1109 -> 81.11.184.59:59554 -> 65.54.89.49:80      TIME_WAIT:TIME_WAIT all tcp 194.78.100.11:80 <- 192.168.2.2:1110      TIME_WAIT:TIME_WAIT all tcp 192</sshlockout></bogons></bogons></virusprot></snort2c></snort2c></vpns>

thanks!

try sftp with user "root" but same password.

Many Thanks!. :)