# TODO: Allow in ICMP(v6) by message type
# TODO: Rate-limit ssh

# ICMP(v6)
alg "icmp"

group "services" in on vioif0 {
      pass stateful proto tcp to any port ssh
}

group "localhost" in on lo0 {
      pass stateful all
}

group default {
      # Default rule
      block all

      # Let it goooooo
      pass stateful out all
}