# Reliable networks
pass in quick from pool/reliable
# Intruders
block return-icmp(port-unr) in quick from pool/intruders
# Spoofing
block in quick from pool/spoofing
# Rules
pass in quick on igb0 proto tcp from 192.168.0.2/32 to any flags S keep state
pass in quick on igb0 proto udp from 192.168.0.2/32 to any keep state
block in log quick on igb0 proto tcp from any to any port = 25
block in on igb2 all
pass in quick on igb2 proto udp from 0.0.0.0/32 port = 68 to 255.255.255.255/32 port = 67
pass in quick on igb2 proto udp from 172.16.0.0/32 port = 68 to 172.16.0.1/32 port = 67
pass in quick on igb2 proto icmp from 172.16.0.0/24 to 172.16.0.1/32 icmp-type 8 keep state
pass in quick on igb2 proto tcp from 172.16.0.0/24 to 172.16.0.1/32 port = 53 flags S keep state 
pass in quick on igb2 proto udp from 172.16.0.0/24 to 172.16.0.1/32 port = 53 keep state
pass in quick on igb2 proto tcp from 172.16.0.0/24 to 172.16.0.1/32 port = 80 flags S keep state
pass in quick on igb2 proto tcp from 172.16.0.0/24 to 172.16.0.1/32 port = 443 flags S keep state