Lines Matching refs:on
3 # log all inbound packet on le0 which has IP options present
5 log in on le0 from any to any with ipopts
7 # block any inbound packets on le0 which are fragmented and "too short" to
8 # do any meaningful comparison on. This actually only applies to TCP
9 # packets which can be missing the flags/ports (depending on which part
12 block in log quick on le0 from any to any with short frag
19 log in on le0 proto tcp from any to any flags S/SA
23 block in log on le0 proto icmp from any to any icmp-type unreach
25 # block and log any inbound UDP packets on le0 which are going to port 2049
28 block in log on le0 proto udp from any to any port = 2049
39 block in quick on le0 from any to any with ipopts
47 block in on le0 proto udp from any to 10.1.3.0/24
48 block in on le0 proto udp from any to 10.1.1.0/24
49 block in on le0 proto udp from any to 10.1.2.0/24
54 block in on le0 proto tcp from any to 10.1.3.0/24 flags S/SA
55 block in on le0 proto tcp from any to 10.1.2.0/24 flags S/SA
56 block in on le0 proto tcp from any to 10.1.1.0/24 flags S/SA
60 block in on le0 proto icmp from any to 10.1.3.0/24
61 block in on le0 proto icmp from any to 10.1.1.0/24
62 block in on le0 proto icmp from any to 10.1.2.0/24