4. Block ssh attempts

Block ssh attempts

  • R

    I've noticed a lot of these lately:

    Jan 6 08:45:09 sshd[17128]: Invalid user x from 190.145.6.10
    Jan 6 08:45:09 sshd[17128]: Failed password for invalid user x from 190.145.6.10 port 63764 ssh2
    Jan 6 08:45:10 sshd[17130]: Failed password for root from 190.145.6.10 port 53202 ssh2
    Jan 6 08:45:10 sshd[17131]: Invalid user win from 190.145.6.10
    Jan 6 08:45:10 sshd[17131]: Failed password for invalid user win from 190.145.6.10 port 52532 ssh2
    Jan 6 08:45:10 sshd[17134]: Failed password for nobody from 190.145.6.10 port 59519 ssh2
    Jan 6 08:45:11 sshd[17136]: Invalid user x from 190.145.6.10
    Jan 6 08:45:11 sshd[17136]: Failed password for invalid user x from 190.145.6.10 port 62378 ssh2
    Jan 6 08:45:12 sshd[17138]: Failed password for root from 190.145.6.10 port 65207 ssh2
    Jan 6 08:45:12 sshd[17139]: Invalid user poker from 190.145.6.10
    Jan 6 08:45:12 sshd[17139]: Failed password for invalid user poker from 190.145.6.10 port 64850 ssh2
    Jan 6 08:45:12 sshd[17142]: Failed password for root from 190.145.6.10 port 60107 ssh2
    Jan 6 08:45:13 sshd[17221]: Invalid user mail from 190.145.6.10
    Jan 6 08:45:13 sshd[17221]: Failed password for invalid user mail from 190.145.6.10 port 50795 ssh2
    Jan 6 08:45:13 sshd[17216]: Failed password for root from 190.145.6.10 port 59412 ssh2
    Jan 6 08:45:13 sshd[17145]: Invalid user x from 190.145.6.10
    Jan 6 08:45:13 sshd[17145]: Failed password for invalid user x from 190.145.6.10 port 51734 ssh2
    Jan 6 08:45:14 sshd[17224]: Invalid user backup from 190.145.6.10
    Jan 6 08:45:14 sshd[17224]: Failed password for invalid user backup from 190.145.6.10 port 58385 ssh2
    Jan 6 08:45:15 sshd[17228]: Failed password for daemon from 190.145.6.10 port 55012 ssh2
    Jan 6 08:45:15 sshd[17229]: Failed password for root from 190.145.6.10 port 58164 ssh2
    Jan 6 08:45:16 sshd[17234]: Invalid user backup from 190.145.6.10
    Jan 6 08:45:16 sshd[17234]: Failed password for invalid user backup from 190.145.6.10 port 55348 ssh2
    Jan 6 08:45:16 sshd[17230]: Invalid user x from 190.145.6.10
    Jan 6 08:45:16 sshd[17230]: Failed password for invalid user x from 190.145.6.10 port 54745 ssh2
    Jan 6 08:45:20 sshd[17246]: Invalid user info from 190.145.6.10
    Jan 6 08:45:20 sshd[17246]: Failed password for invalid user info from 190.145.6.10 port 64965 ssh2
    Jan 6 08:45:21 sshd[17247]: Invalid user temp from 190.145.6.10
    Jan 6 08:45:21 sshd[17247]: Failed password for invalid user temp from 190.145.6.10 port 50072 ssh2
    Jan 6 08:45:25 sshd[17251]: Invalid user shop from 190.145.6.10
    Jan 6 08:45:25 sshd[17251]: Failed password for invalid user shop from 190.145.6.10 port 58302 ssh2
    Jan 6 08:45:25 sshd[17252]: Invalid user temp from 190.145.6.10
    Jan 6 08:45:25 sshd[17252]: Failed password for invalid user temp from 190.145.6.10 port 51052 ssh2
    Jan 6 08:45:27 sshd[17259]: Invalid user backup from 190.145.6.10
    Jan 6 08:45:27 sshd[17259]: Failed password for invalid user backup from 190.145.6.10 port 59260 ssh2
    Jan 6 08:45:27 sshd[17260]: Invalid user temp from 190.145.6.10
    Jan 6 08:45:27 sshd[17260]: Failed password for invalid user temp from 190.145.6.10 port 60735 ssh2
    Jan 6 08:45:29 sshd[17265]: Invalid user temp from 190.145.6.10
    Jan 6 08:45:29 sshd[17265]: Failed password for invalid user temp from 190.145.6.10 port 60698 ssh2
    Jan 6 08:45:29 sshd[17264]: Invalid user sales from 190.145.6.10
    Jan 6 08:45:29 sshd[17264]: Failed password for invalid user sales from 190.145.6.10 port 56377 ssh2
    Jan 6 08:45:31 sshd[17268]: Invalid user sales from 190.145.6.10
    Jan 6 08:45:31 sshd[17268]: Failed password for invalid user sales from 190.145.6.10 port 61022 ssh2
    Jan 6 08:45:36 sshd[17271]: Invalid user web from 190.145.6.10
    Jan 6 08:45:36 sshd[17271]: Failed password for invalid user web from 190.145.6.10 port 59399 ssh2
    Jan 6 08:45:38 sshd[17274]: Invalid user web from 190.145.6.10
    Jan 6 08:45:38 sshd[17274]: Failed password for invalid user web from 190.145.6.10 port 55474 ssh2
    Jan 6 08:45:39 sshd[17276]: Failed password for www from 190.145.6.10 port 58041 ssh2
    Jan 6 08:45:41 sshd[17280]: Failed password for www from 190.145.6.10 port 56898 ssh2

    Is there a possibility to install fail2ban?
    I have no firewall rules on my wan but still my webinterface and ssh is reachable from the outside!

    Any help is appreciated to stop this very dangerous situation.

    0

  • Move SSH to a non-standard port.
    Stop using password login.
    You can disable this by checking the checkbox: "Disable Password login for Secure Shell (KEY only)" and paste your key in the field below.

    0
  • R

    @GruensFroeschli:

    Move SSH to a non-standard port.
    Stop using password login.
    You can disable this by checking the checkbox: "Disable Password login for Secure Shell (KEY only)" and paste your key in the field below.

    Ssh with password is secure when it is disabled and only allowed from a certain ip address and that is what I like to accomplish

    0

  • Well yes if you create your firewall rules so that you can access it only from certain IP addresses, then it's secured against brute-force attacks.
    But then you wouldn't get the log-entries you just showed (since the firewall would block these connections).

    0
  • R

    @GruensFroeschli:

    Well yes if you create your firewall rules so that you can access it only from certain IP addresses, then it's secured against brute-force attacks.
    But then you wouldn't get the log-entries you just showed (since the firewall would block these connections).

    That is what I am trying to do.
    But having 0 rules on the wan should mean no ssh access for anyone. Instead everyone has access…

    You can see the current rules on:

    0
  • ?

    hmm..the source ip address should be something like

    213.123.0.0/16

    0
  • R

    @fredde:

    hmm..the source ip address should be something like

    213.123.0.0/16

    I know just removed the last part for security reasons :)

    0
  • D

    It is unfortunate that the way this got posted, the right side of the window is chopped off.

    0

  • There is a slidebar at the botton :)

    Can you enable logging for all rules that allow traffic on your WAN? Can you post the pfctl outputs from your /IP_of_your_pfsense/status.php

    0
  • D

    Sigh, long day.  I didn't see that bar in the post window :)

    0
  • R

    pfctl -sn

    nat-anchor "pftpx/" all
    nat-anchor "natearly/    " all
    nat-anchor "natrules/" all
    nat on le0 inet from 192.168.0.0/16 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin
    nat on ng0 inet from 192.168.0.0/16 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin
    nat on le0 inet from 192.168.0.0/16 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin
    nat on ng0 inet from 192.168.0.0/16 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin
    nat on le0 inet from 192.168.0.0/16 to any -> (ng0) port 1024:65535 round-robin
    nat on ng0 inet from 192.168.0.0/16 to any -> (ng0) port 1024:65535 round-robin
    rdr-anchor "pftpx/    " all
    rdr-anchor "slb" all
    no rdr on le1 proto tcp from any to <vpns>port = ftp
    rdr on le1 inet proto tcp from any to any port = ftp -> 127.0.0.1 port 8021
    rdr-anchor "imspector" all
    rdr-anchor "miniupnpd" all

    pfctl -sr

    scrub all random-id max-mss 1452 fragment reassemble
    block drop in all label "SHAPER: first match rule" tag unshaped
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesUp tagged unshaped
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesUp tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesDown tagged qGamesUp
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesUp tagged unshaped
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesUp tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 3074 keep state tag qGamesDown tagged qGamesUp
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 3074 keep state tag qGamesDown tagged unshaped
    pass out on le0 proto udp from any to any port = 3074 keep state tag qGamesUp tagged qGamesDown
    pass out on ng0 proto udp from any to any port = 3074 keep state tag qGamesUp tagged qGamesDown
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 3074 flags S/SA keep state tag qGamesDown tagged unshaped
    pass out on le0 proto tcp from any to any port = 3074 flags S/SA keep state tag qGamesUp tagged qGamesDown
    pass out on ng0 proto tcp from any to any port = 3074 flags S/SA keep state tag qGamesUp tagged qGamesDown
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = kerberos-sec keep state tag qGamesDown tagged unshaped
    pass out on le0 proto udp from any to any port = kerberos-sec keep state tag qGamesUp tagged qGamesDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesUp tagged unshaped
    pass out on ng0 proto udp from any to any port = kerberos-sec keep state tag qGamesUp tagged qGamesDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesDown tagged qGamesUp
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 3074 keep state tag qGamesDown tagged unshaped
    pass out on le0 proto udp from any to any port = 3074 keep state tag qGamesUp tagged qGamesDown
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesUp tagged unshaped
    pass out on ng0 proto udp from any to any port = 3074 keep state tag qGamesUp tagged qGamesDown
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesUp tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesDown tagged qGamesUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 3074 flags S/SA keep state tag qGamesDown tagged unshaped
    pass out on le0 proto tcp from any to any port = 3074 flags S/SA keep state tag qGamesUp tagged qGamesDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesUp tagged unshaped
    pass out on ng0 proto tcp from any to any port = 3074 flags S/SA keep state tag qGamesUp tagged qGamesDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 3074 flags S/SA keep state tag qGamesDown tagged qGamesUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 6112:6119 flags S/SA keep state tag qGamesDown tagged unshaped
    pass out on le0 proto tcp from any to any port 6112:6119 flags S/SA keep state tag qGamesUp tagged qGamesDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 6112:6119 flags S/SA keep state tag qGamesUp tagged unshaped
    pass out on ng0 proto tcp from any to any port 6112:6119 flags S/SA keep state tag qGamesUp tagged qGamesDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 6112:6119 flags S/SA keep state tag qGamesUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 6112:6119 flags S/SA keep state tag qGamesDown tagged qGamesUp
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = kerberos-sec keep state tag qGamesDown tagged unshaped
    pass out on le0 proto udp from any to any port = kerberos-sec keep state tag qGamesUp tagged qGamesDown
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesUp tagged unshaped
    pass out on ng0 proto udp from any to any port = kerberos-sec keep state tag qGamesUp tagged qGamesDown
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesUp tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = kerberos-sec keep state tag qGamesDown tagged qGamesUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = smtp flags S/SA keep state tag qOthersDownH tagged unshaped
    pass out on le0 proto tcp from any to any port = smtp flags S/SA keep state tag qOthersUpH tagged qOthersDownH
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = smtp flags S/SA keep state tag qOthersUpH tagged unshaped
    pass out on ng0 proto tcp from any to any port = smtp flags S/SA keep state tag qOthersUpH tagged qOthersDownH
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = smtp flags S/SA keep state tag qOthersUpH tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = smtp flags S/SA keep state tag qOthersDownH tagged qOthersUpH
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = rtsp flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = rtsp flags S/SA keep state tag qwandef tagged qlandef
    pass out on ng0 proto tcp from any to any port = rtsp flags S/SA keep state tag qwandef tagged qlandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = snmp flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = snmp flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = rtsp flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = snmp flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = rtsp flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = rtsp flags S/SA keep state tag qlandef tagged qwandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 137:139 flags S/SA keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 137:139 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 137:139 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = microsoft-ds flags S/SA keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = microsoft-ds flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = microsoft-ds flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = http flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = http flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = http flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = http flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = http flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = http flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = https flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = https flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = domain keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = https flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = domain keep state tag qwandef tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = domain keep state tag qlandef tagged qwandef
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = domain keep state tag qlandef tagged unshaped
    pass out on le0 proto udp from any to any port = domain keep state tag qwandef tagged qlandef
    pass out on ng0 proto udp from any to any port = domain keep state tag qwandef tagged qlandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = domain flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = domain flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = domain flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = domain flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = domain flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = domain flags S/SA keep state tag qlandef tagged qwandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = https flags S/SA keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = https flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = https flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = pop3 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = pop3 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = imap flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = pop3 flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = imap flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = imap flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = microsoft-ds flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = microsoft-ds flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = snmp flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = microsoft-ds flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = snmp flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = snmp flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = imap flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = imap flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto icmp from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = imap flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto icmp from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped
    pass out on le1 inet proto icmp from any to 192.168.0.0/16 keep state tag qlandef tagged qwandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = pop3 flags S/SA keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = pop3 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = pop3 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto icmp from 192.168.0.0/16 to any keep state tag qlandef tagged unshaped
    pass out on le0 proto icmp all keep state tag qwandef tagged qlandef
    pass out on ng0 proto icmp all keep state tag qwandef tagged qlandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 137:139 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port 137:139 flags S/SA keep state tag qwandef tagged qlandef
    pass out on ng0 proto tcp from any to any port 137:139 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = snmp keep state tag qlandef tagged unshaped
    pass out on le0 proto udp from any to any port = snmp keep state tag qwandef tagged qlandef
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = nntp keep state tag qwandef tagged unshaped
    pass out on ng0 proto udp from any to any port = snmp keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = nntp keep state tag qwandef tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = nntp keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 5631 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = 5631 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 5631 flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = 5631 flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 5631 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 5631 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = nntp keep state tag qlandef tagged unshaped
    pass out on le0 proto udp from any to any port = nntp keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = nntp flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto udp from any to any port = nntp keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = nntp flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = nntp flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 3306 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = 3306 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 3306 flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = 3306 flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 3306 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 3306 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = nntp flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = nntp flags S/SA keep state tag qwandef tagged qlandef
    pass out on ng0 proto tcp from any to any port = nntp flags S/SA keep state tag qwandef tagged qlandef
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 5632 keep state tag qlandef tagged unshaped
    pass out on le0 proto udp from any to any port = 5632 keep state tag qwandef tagged qlandef
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 5632 keep state tag qwandef tagged unshaped
    pass out on ng0 proto udp from any to any port = 5632 keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 5632 keep state tag qwandef tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 5632 keep state tag qlandef tagged qwandef
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port 8767:8768 keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port 8767:8768 keep state tag qwandef tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port 8767:8768 keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = cvsup flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = cvsup flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = cvsup flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = cvsup flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = cvsup flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = cvsup flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port 8767:8768 keep state tag qlandef tagged unshaped
    pass out on le0 proto udp from any to any port 8767:8768 keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 51234 flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto udp from any to any port 8767:8768 keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 51234 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 51234 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 14534 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = 14534 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 14534 flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = 14534 flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 14534 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 14534 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 51234 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = 51234 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = lotusnote keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = 51234 flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = lotusnote keep state tag qwandef tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = lotusnote keep state tag qlandef tagged qwandef
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = lotusnote keep state tag qlandef tagged unshaped
    pass out on le0 proto udp from any to any port = lotusnote keep state tag qwandef tagged qlandef
    pass out on ng0 proto udp from any to any port = lotusnote keep state tag qwandef tagged qlandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 5900 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = 5900 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 5900 flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = 5900 flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 5900 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 5900 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 3283 keep state tag qlandef tagged unshaped
    pass out on le0 proto udp from any to any port = 3283 keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 3283 flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto udp from any to any port = 3283 keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 3283 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 3283 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 3283 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = 3283 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = snmp keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = 3283 flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = snmp keep state tag qwandef tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = snmp keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 5900:5930 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port 5900:5930 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 5900:5930 flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port 5900:5930 flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 5900:5930 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 5900:5930 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 3283 keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 3283 keep state tag qwandef tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 3283 keep state tag qlandef tagged qwandef
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 5900 keep state tag qlandef tagged unshaped
    pass out on le0 proto udp from any to any port = 5900 keep state tag qwandef tagged qlandef
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = aol keep state tag qwandef tagged unshaped
    pass out on ng0 proto udp from any to any port = 5900 keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = aol keep state tag qwandef tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = aol keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = lotusnote flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = lotusnote flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = lotusnote flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = lotusnote flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = lotusnote flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = lotusnote flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = aol keep state tag qlandef tagged unshaped
    pass out on le0 proto udp from any to any port = aol keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto udp from any to any port = aol keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qlandef tagged qwandef
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 5900 keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 5900 keep state tag qwandef tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 5900 keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = aol flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = aol flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = jabber-server flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = aol flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = jabber-server flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = jabber-server flags S/SA keep state tag qlandef tagged qwandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 8000:8100 flags S/SA keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 8000:8100 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 8000:8100 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = 6346 keep state tag qP2PUp tagged unshaped
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = 6346 keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = 6346 keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 8038:8039 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port 8038:8039 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass out on ng0 proto tcp from any to any port 8038:8039 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = 6346 keep state tag qP2PDown tagged unshaped
    pass out on le0 proto udp from any to any port = 6346 keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto udp from any to any port = 6346 keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 4661:4665 flags S/SA keep state tag qP2PUp tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 4661:4665 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 4661:4665 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 6346 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port = 6346 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 8038:8039 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto tcp from any to any port = 6346 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 8038:8039 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 8038:8039 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 28864:28865 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port 28864:28865 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 4329 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto tcp from any to any port 28864:28865 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 4329 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 4329 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 6699:6701 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port 6699:6701 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass out on ng0 proto tcp from any to any port 6699:6701 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 4329 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port = 4329 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 5500:5503 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto tcp from any to any port = 4329 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 5500:5503 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 5500:5503 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 28864:28865 flags S/SA keep state tag qP2PUp tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 28864:28865 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 28864:28865 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 5500:5503 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port 5500:5503 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass out on ng0 proto tcp from any to any port 5500:5503 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 4661:4665 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port 4661:4665 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 1044:1045 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto tcp from any to any port 4661:4665 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 1044:1045 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 1044:1045 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port 6881:6999 keep state tag qP2PUp tagged unshaped
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port 6881:6999 keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port 6881:6999 keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 7788 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port = 7788 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass out on ng0 proto tcp from any to any port = 7788 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port 6881:6999 keep state tag qP2PDown tagged unshaped
    pass out on le0 proto udp from any to any port 6881:6999 keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 6881:6999 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto udp from any to any port 6881:6999 keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 6881:6999 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 6881:6999 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 7668 flags S/SA keep state tag qP2PUp tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 7668 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 7668 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 6881:6999 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port 6881:6999 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 7788 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto tcp from any to any port 6881:6999 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 7788 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 7788 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 2340 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port = 2340 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = synoptics-trap flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto tcp from any to any port = 2340 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = synoptics-trap flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = synoptics-trap flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 1044:1045 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port 1044:1045 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass out on ng0 proto tcp from any to any port 1044:1045 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = synoptics-trap flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port = synoptics-trap flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 6666:6668 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto tcp from any to any port = synoptics-trap flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 6666:6668 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 6666:6668 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 2340 flags S/SA keep state tag qP2PUp tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 2340 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 2340 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 6666:6668 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port 6666:6668 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 6699:6701 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto tcp from any to any port 6666:6668 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 6699:6701 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 6699:6701 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 8888:8889 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port 8888:8889 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass out on ng0 proto tcp from any to any port 8888:8889 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le1 inet proto esp from 192.168.0.0/16 to any keep state tag qlandef tagged unshaped
    pass out on le0 proto esp all keep state tag qwandef tagged qlandef
    pass in on le0 inet proto esp from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped
    pass out on ng0 proto esp all keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto esp from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped
    pass out on le1 inet proto esp from any to 192.168.0.0/16 keep state tag qlandef tagged qwandef
    pass in on le0 inet proto ah from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto ah from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped
    pass out on le1 inet proto ah from any to 192.168.0.0/16 keep state tag qlandef tagged qwandef
    pass in on le1 inet proto ah from 192.168.0.0/16 to any keep state tag qlandef tagged unshaped
    pass out on le0 proto ah all keep state tag qwandef tagged qlandef
    pass out on ng0 proto ah all keep state tag qwandef tagged qlandef
    pass in on le1 inet proto udp from 192.168.0.0/16 to any port = isakmp keep state tag qlandef tagged unshaped
    pass out on le0 proto udp from any to any port = isakmp keep state tag qwandef tagged qlandef
    pass in on le0 inet proto udp from any to 192.168.0.0/16 port = isakmp keep state tag qwandef tagged unshaped
    pass out on ng0 proto udp from any to any port = isakmp keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto udp from any to 192.168.0.0/16 port = isakmp keep state tag qwandef tagged unshaped
    pass out on le1 inet proto udp from any to 192.168.0.0/16 port = isakmp keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 8000:8100 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port 8000:8100 flags S/SA keep state tag qwandef tagged qlandef
    pass out on ng0 proto tcp from any to any port 8000:8100 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 7668 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port = 7668 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass out on ng0 proto tcp from any to any port = 7668 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 5223 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = 5223 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 5223 flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = 5223 flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 5223 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 5223 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = jabber-client flags S/SA keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = jabber-client flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = jabber-client flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = jabber-client flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = jabber-client flags S/SA keep state tag qwandef tagged qlandef
    pass out on ng0 proto tcp from any to any port = jabber-client flags S/SA keep state tag qwandef tagged qlandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port 6667:6670 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port 6667:6670 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 6667:6670 flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port 6667:6670 flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 6667:6670 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 6667:6670 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le0 inet proto gre from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto gre from any to 192.168.0.0/16 keep state tag qwandef tagged unshaped
    pass out on le1 inet proto gre from any to 192.168.0.0/16 keep state tag qlandef tagged qwandef
    pass in on le1 inet proto gre from 192.168.0.0/16 to any keep state tag qlandef tagged unshaped
    pass out on le0 proto gre all keep state tag qwandef tagged qlandef
    pass out on ng0 proto gre all keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PUp tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 6346 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = aol flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port = aol flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass out on ng0 proto tcp from any to any port = aol flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 6346 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port = 6346 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 8311 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto tcp from any to any port = 6346 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 8311 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 8311 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port 8888:8889 flags S/SA keep state tag qP2PUp tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port 8888:8889 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port 8888:8889 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 8311 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port = 8311 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on ng0 proto tcp from any to any port = 8311 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = aol flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 6699 flags S/SA keep state tag qP2PDown tagged unshaped
    pass out on le0 proto tcp from any to any port = 6699 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass out on ng0 proto tcp from any to any port = 6699 flags S/SA keep state tag qP2PUp tagged qP2PDown
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = pptp flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = pptp flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = pptp flags S/SA keep state tag qwandef tagged unshaped
    pass out on ng0 proto tcp from any to any port = pptp flags S/SA keep state tag qwandef tagged qlandef
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = pptp flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = pptp flags S/SA keep state tag qlandef tagged qwandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 3389 flags S/SA keep state tag qwandef tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 3389 flags S/SA keep state tag qwandef tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 3389 flags S/SA keep state tag qlandef tagged qwandef
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = 3389 flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = 3389 flags S/SA keep state tag qwandef tagged qlandef
    pass out on ng0 proto tcp from any to any port = 3389 flags S/SA keep state tag qwandef tagged qlandef
    pass in on le0 inet proto tcp from any to 192.168.0.0/16 port = 6699 flags S/SA keep state tag qP2PUp tagged unshaped
    pass in on ng0 inet proto tcp from any to 192.168.0.0/16 port = 6699 flags S/SA keep state tag qP2PUp tagged unshaped
    pass out on le1 inet proto tcp from any to 192.168.0.0/16 port = 6699 flags S/SA keep state tag qP2PDown tagged qP2PUp
    pass in on le1 inet proto tcp from 192.168.0.0/16 to any port = jabber-server flags S/SA keep state tag qlandef tagged unshaped
    pass out on le0 proto tcp from any to any port = jabber-server flags S/SA keep state tag qwandef tagged qlandef
    pass out on ng0 proto tcp from any to any port = jabber-server flags S/SA keep state tag qwandef tagged qlandef
    anchor "ftpsesame/" all
    anchor "firewallrules" all
    block drop quick proto tcp from any port = 0 to any
    block drop quick proto tcp from any to any port = 0
    block drop quick proto udp from any port = 0 to any
    block drop quick proto udp from any to any port = 0
    block drop quick from <snort2c>to any label "Block snort2c hosts"
    block drop quick from any to <snort2c>label "Block snort2c hosts"
    block drop in quick inet6 all
    block drop out quick inet6 all
    anchor "loopback" all
    pass in quick on lo0 all flags S/SA keep state label "pass loopback"
    pass out quick on lo0 all flags S/SA keep state label "pass loopback"
    anchor "packageearly" all
    anchor "carp" all
    pass quick inet proto icmp from 81.11.184.59 to any keep state
    anchor "dhcpserverlan" all
    pass in quick on le1 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server on LAN"
    pass in quick on le1 inet proto udp from any port = bootpc to 192.168.5.1 port = bootps keep state label "allow access to DHCP server on LAN"
    pass out quick on le1 inet proto udp from 192.168.5.1 port = bootps to any port = bootpc keep state label "allow access to DHCP server on LAN"
    block drop in log quick on le0 inet proto udp from any port = bootps to 192.168.0.0/16 port = bootpc label "block dhcp client out wan"
    block drop in log quick on ng0 inet proto udp from any port = bootps to 192.168.0.0/16 port = bootpc label "block dhcp client out wan"
    block drop in on ! le1 inet from 192.168.0.0/16 to any
    block drop in inet from 192.168.5.1 to any
    block drop in on le1 inet6 from fe80::20c:29ff:febe:2472 to any
    anchor "spoofing" all
    anchor "spoofing" all
    block drop in on le0 inet6 from fe80::20c:29ff:febe:2468 to any
    block drop in on ng0 inet6 from fe80::20c:29ff:febe:2468 to any
    block drop in on ! ng0 inet from 81.11.184.59 to any
    block drop in inet from 81.11.184.59 to any
    block drop in log quick on le0 inet from 10.0.0.0/8 to any label "block private networks from wan block 10/8"
    block drop in log quick on ng0 inet from 10.0.0.0/8 to any label "block private networks from wan block 10/8"
    block drop in log quick on le0 inet from 127.0.0.0/8 to any label "block private networks from wan block 127/8"
    block drop in log quick on ng0 inet from 127.0.0.0/8 to any label "block private networks from wan block 127/8"
    block drop in log quick on le0 inet from 172.16.0.0/12 to any label "block private networks from wan block 172.16/12"
    block drop in log quick on ng0 inet from 172.16.0.0/12 to any label "block private networks from wan block 172.16/12"
    block drop in log quick on le0 inet from 192.168.0.0/16 to any label "block private networks from wan block 192.168/16"
    block drop in log quick on ng0 inet from 192.168.0.0/16 to any label "block private networks from wan block 192.168/16"
    anchor "limitingesr" all
    block drop in quick from <virusprot>to any label "virusprot overload table"
    anchor "wanbogons" all
    block drop in log quick on le0 from <bogons>to any label "block bogon networks from wan"
    block drop in log quick on ng0 from <bogons>to any label "block bogon networks from wan"
    anchor "firewallout" all
    pass out quick on le0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qwandef, qwanacks) tagged qwandef
    pass out quick on ng0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qwandef, qwanacks) tagged qwandef
    pass out quick on le0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qP2PUp, qwanacks) tagged qP2PUp
    pass out quick on ng0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qP2PUp, qwanacks) tagged qP2PUp
    pass out quick on le0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qGamesUp, qwanacks) tagged qGamesUp
    pass out quick on ng0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qGamesUp, qwanacks) tagged qGamesUp
    pass out quick on le0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qOthersUpH, qwanacks) tagged qOthersUpH
    pass out quick on ng0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qOthersUpH, qwanacks) tagged qOthersUpH
    pass out quick on le0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qwandef, qwanacks)
    pass out quick on ng0 all flags S/SA keep state label "let out anything from firewall host itself" queue(qwandef, qwanacks)
    pass out quick on le1 all flags S/SA keep state label "let out anything from firewall host itself" queue(qlandef, qlanacks) tagged qlandef
    pass out quick on le1 all flags S/SA keep state label "let out anything from firewall host itself" queue(qP2PDown, qlanacks) tagged qP2PDown
    pass out quick on le1 all flags S/SA keep state label "let out anything from firewall host itself" queue(qGamesDown, qlanacks) tagged qGamesDown
    pass out quick on le1 all flags S/SA keep state label "let out anything from firewall host itself" queue(qOthersDownH, qlanacks) tagged qOthersDownH
    pass out quick on le1 all flags S/SA keep state label "let out anything from firewall host itself" queue(qlandef, qlanacks)
    pass out quick on le2 all flags S/SA keep state label "let out anything from firewall host itself"
    pass out quick on enc0 all flags S/SA keep state label "IPSEC internal host to host"
    pass out quick on ng0 proto icmp all keep state (tcp.closed 5) label "let out anything from firewall host itself"
    anchor "anti-lockout" all
    pass in quick on le1 inet from any to 192.168.5.1 flags S/SA keep state label "anti-lockout web rule"
    block drop in log quick proto tcp from <sshlockout>to any port = ssh label "sshlockout"
    anchor "ftpproxy" all
    anchor "pftpx/    " all
    anchor "qwanRoot" all tagged qwanRoot
    anchor "qlanRoot" all tagged qlanRoot
    anchor "qwandef" all tagged qwandef
    anchor "qlandef" all tagged qlandef
    anchor "qwanacks" all tagged qwanacks
    anchor "qlanacks" all tagged qlanacks
    anchor "qP2PUp" all tagged qP2PUp
    anchor "qP2PDown" all tagged qP2PDown
    anchor "qGamesUp" all tagged qGamesUp
    anchor "qGamesDown" all tagged qGamesDown
    anchor "qOthersUpH" all tagged qOthersUpH
    anchor "qOthersDownH" all tagged qOthersDownH
    anchor "qOthersUpL" all tagged qOthersUpL
    anchor "qOthersDownL" all tagged qOthersDownL
    pass in log quick on le0 inet proto tcp from 212.123.16.0/20 to any flags S/SA keep state label "USER_RULE" queue(qwandef, qwanacks)
    pass in log quick on le0 inet proto udp from 212.123.16.0/20 to any keep state label "USER_RULE" queue(qwandef, qwanacks)
    pass in log quick on ng0 inet proto tcp from 212.123.16.0/20 to any flags S/SA keep state label "USER_RULE" queue(qwandef, qwanacks)
    pass in log quick on ng0 inet proto udp from 212.123.16.0/20 to any keep state label "USER_RULE" queue(qwandef, qwanacks)
    pass in quick on le1 inet from 192.168.0.0/16 to any flags S/SA keep state label "USER_RULE: Default LAN -> any" queue(qlandef, qlanacks)
    pass in quick on le1 inet proto tcp from any to 127.0.0.1 port = ftp-proxy flags S/SA keep state label "FTP PROXY: Allow traffic to localhost"
    pass in quick on le1 inet proto tcp from any to 127.0.0.1 port = ftp flags S/SA keep state label "FTP PROXY: Allow traffic to localhost"
    pass in quick on ng0 inet proto tcp from any port = ftp-data to (ng0) port > 49000 flags S/SA keep state label "FTP PROXY: PASV mode data connection"
    anchor "imspector" all
    anchor "miniupnpd" all
    block drop in log quick all label "Default deny rule"
    block drop out log quick all label "Default deny rule"

    pfctl -ss

    all udp 192.168.5.1:4007 -> 239.255.255.250:1900      SINGLE:NO_TRAFFIC
    all tcp 209.85.229.99:80 <- 192.168.2.2:1035      FIN_WAIT_2:ESTABLISHED
    all tcp 192.168.2.2:1035 -> 81.11.184.59:34808 -> 209.85.229.99:80      ESTABLISHED:FIN_WAIT_2
    all tcp 64.4.34.78:1863 <- 192.168.2.2:1041      ESTABLISHED:ESTABLISHED
    all tcp 192.168.2.2:1041 -> 81.11.184.59:16705 -> 64.4.34.78:1863      ESTABLISHED:ESTABLISHED
    all tcp 81.11.184.59:80 <- 212.123.26.190:1093      FIN_WAIT_2:FIN_WAIT_2
    all tcp 207.46.113.78:443 <- 192.168.2.2:1068      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1068 -> 81.11.184.59:44237 -> 207.46.113.78:443      TIME_WAIT:TIME_WAIT
    all tcp 65.54.167.92:80 <- 192.168.2.2:1070      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1070 -> 81.11.184.59:31418 -> 65.54.167.92:80      TIME_WAIT:TIME_WAIT
    all tcp 207.46.216.54:80 <- 192.168.2.2:1075      ESTABLISHED:ESTABLISHED
    all tcp 192.168.2.2:1075 -> 81.11.184.59:63614 -> 207.46.216.54:80      ESTABLISHED:ESTABLISHED
    all tcp 64.4.20.186:80 <- 192.168.2.2:1079      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1079 -> 81.11.184.59:13475 -> 64.4.20.186:80      TIME_WAIT:TIME_WAIT
    all tcp 64.4.20.186:80 <- 192.168.2.2:1085      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1085 -> 81.11.184.59:61698 -> 64.4.20.186:80      TIME_WAIT:TIME_WAIT
    all tcp 194.78.100.17:80 <- 192.168.2.2:1087      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1087 -> 81.11.184.59:7202 -> 194.78.100.17:80      TIME_WAIT:TIME_WAIT
    all tcp 65.55.206.60:80 <- 192.168.2.2:1090      ESTABLISHED:ESTABLISHED
    all tcp 192.168.2.2:1090 -> 81.11.184.59:18712 -> 65.55.206.60:80      ESTABLISHED:ESTABLISHED
    all tcp 204.160.98.126:80 <- 192.168.2.2:1091      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1091 -> 81.11.184.59:47682 -> 204.160.98.126:80      TIME_WAIT:TIME_WAIT
    all tcp 209.84.7.126:80 <- 192.168.2.2:1092      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1092 -> 81.11.184.59:46978 -> 209.84.7.126:80      TIME_WAIT:TIME_WAIT
    all tcp 213.246.206.102:80 <- 192.168.2.2:1093      FIN_WAIT_2:FIN_WAIT_2
    all tcp 192.168.2.2:1093 -> 81.11.184.59:47676 -> 213.246.206.102:80      FIN_WAIT_2:FIN_WAIT_2
    all tcp 212.35.126.188:80 <- 192.168.2.2:1094      FIN_WAIT_2:FIN_WAIT_2
    all tcp 192.168.2.2:1094 -> 81.11.184.59:64680 -> 212.35.126.188:80      FIN_WAIT_2:FIN_WAIT_2
    all tcp 213.199.141.140:80 <- 192.168.2.2:1095      ESTABLISHED:ESTABLISHED
    all tcp 192.168.2.2:1095 -> 81.11.184.59:7986 -> 213.199.141.140:80      ESTABLISHED:ESTABLISHED
    all tcp 213.199.141.139:80 <- 192.168.2.2:1096      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1096 -> 81.11.184.59:54173 -> 213.199.141.139:80      TIME_WAIT:TIME_WAIT
    all tcp 65.54.89.62:80 <- 192.168.2.2:1097      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1097 -> 81.11.184.59:44686 -> 65.54.89.62:80      TIME_WAIT:TIME_WAIT
    all tcp 194.129.79.21:80 <- 192.168.2.2:1098      FIN_WAIT_2:FIN_WAIT_2
    all tcp 192.168.2.2:1098 -> 81.11.184.59:34311 -> 194.129.79.21:80      FIN_WAIT_2:FIN_WAIT_2
    all tcp 213.246.206.102:80 <- 192.168.2.2:1099      FIN_WAIT_2:FIN_WAIT_2
    all tcp 192.168.2.2:1099 -> 81.11.184.59:41605 -> 213.246.206.102:80      FIN_WAIT_2:FIN_WAIT_2
    all tcp 212.35.126.188:80 <- 192.168.2.2:1100      FIN_WAIT_2:FIN_WAIT_2
    all tcp 192.168.2.2:1100 -> 81.11.184.59:40556 -> 212.35.126.188:80      FIN_WAIT_2:FIN_WAIT_2
    all tcp 209.85.229.148:80 <- 192.168.2.2:1101      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1101 -> 81.11.184.59:39817 -> 209.85.229.148:80      TIME_WAIT:TIME_WAIT
    all tcp 209.85.229.148:80 <- 192.168.2.2:1102      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1102 -> 81.11.184.59:32644 -> 209.85.229.148:80      TIME_WAIT:TIME_WAIT
    all tcp 194.78.100.17:80 <- 192.168.2.2:1103      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1103 -> 81.11.184.59:22993 -> 194.78.100.17:80      TIME_WAIT:TIME_WAIT
    all tcp 81.11.184.59:80 <- 212.123.26.190:1107      ESTABLISHED:ESTABLISHED
    all tcp 194.78.100.17:80 <- 192.168.2.2:1104      ESTABLISHED:ESTABLISHED
    all tcp 192.168.2.2:1104 -> 81.11.184.59:29878 -> 194.78.100.17:80      ESTABLISHED:ESTABLISHED
    all tcp 213.246.206.102:80 <- 192.168.2.2:1105      FIN_WAIT_2:FIN_WAIT_2
    all tcp 192.168.2.2:1105 -> 81.11.184.59:36488 -> 213.246.206.102:80      FIN_WAIT_2:FIN_WAIT_2
    all tcp 212.35.126.188:80 <- 192.168.2.2:1106      FIN_WAIT_2:FIN_WAIT_2
    all tcp 192.168.2.2:1106 -> 81.11.184.59:64930 -> 212.35.126.188:80      FIN_WAIT_2:FIN_WAIT_2
    all tcp 213.199.141.139:80 <- 192.168.2.2:1107      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1107 -> 81.11.184.59:62799 -> 213.199.141.139:80      TIME_WAIT:TIME_WAIT
    all tcp 194.129.79.21:80 <- 192.168.2.2:1108      FIN_WAIT_2:FIN_WAIT_2
    all tcp 192.168.2.2:1108 -> 81.11.184.59:47571 -> 194.129.79.21:80      FIN_WAIT_2:FIN_WAIT_2
    all tcp 65.54.89.49:80 <- 192.168.2.2:1109      TIME_WAIT:TIME_WAIT
    all tcp 192.168.2.2:1109 -> 81.11.184.59:59554 -> 65.54.89.49:80      TIME_WAIT:TIME_WAIT
    all tcp 194.78.100.11:80 <- 192.168.2.2:1110      TIME_WAIT:TIME_WAIT
    all tcp 192</sshlockout></bogons></bogons></virusprot></snort2c></snort2c></vpns>

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy