pass out quick on tun0 proto tcp from any to any flags S/SAFR keep state keep frags
pass out quick on tun0 proto udp from any to any keep state keep frags
pass out quick on tun0 proto icmp from any to any keep state keep frags
#允许对内部网ping的包进入
pass in quick on tun0 proto icmp from any to
pass in quick on tun0 proto icmp from any to
pass in quick on tun0 proto icmp from any to
pass in quick on tun0 proto icmp from any to
#允许22和80端口对外访问,即允许端口为22和80的地址允许通过
pass in quick on tun0 proto tcp from any to any port = 22 flags S keep state
pass in quick on tun0 proto tcp from any to any port = 80 flags S keep state
