#允许访问本机ftp服务
#pass in quick on tun0 proto tcp from any to any port = ftp flags S/SA keep state
#pass in quick on tun0 proto tcp from any to any port = ftp-data flags S/SA keep state
#允许DNS服务的包通过
pass in quick on tun0 proto tcp from any to any port = 53 flags S keep state
pass in quick on tun0 proto udp from any to any port = 53 keep state
pass in on tun0 proto udp from any port = 53 to any
