#!/bin/sh
ipfw -q -f flush
ipfw add allow ip from any to any via lo0
ipfw deny ip from any to any to 127.0.0.0/8
ipfw add deny log ip from any to any ipopt rr
ipfw add deny log ip from any to any ipopt ts
ipfw add deny log ip from any to any ipopt ssrr
ipfw add deny log ip from any to any ipopt lsrr
ipfw add deny tcp from any to any in tcpflags syn,fin
ipfw add deny udp from any to any 80
ipfw add allow udp from me to any 53 out
ipfw add allow udp from any 53 to me in
ipfw add check-state
ipfw add allow tcp from me to 140.207.69.30 out setup keep-state
ipfw add allow tcp from 140.207.69.30 to me in setup keep-state
ipfw add allow tcp from me to 112.65.195.175 out setup keep-state
ipfw add allow tcp from me to 101.226.62.63 out setup keep-state
ipfw add allow tcp from me to 101.226.103.122 out setup keep-state
ipfw add allow tcp from me to 58.251.139.148 out setup keep-state
ipfw add allow tcp from me to 140.207.54.53 out setup keep-state
ipfw add allow tcp from me to 183.60.15.158 out setup keep-state
ipfw add allow tcp from me to 112.90.83.87 out setup keep-state
ipfw add allow tcp from me to 123.58.177.199 25 out setup keep-state
ipfw add allow tcp from me to 123.58.178.59 25 out setup keep-state
ipfw add allow tcp from 123.58.178.59 to me in setup keep-state
ipfw add allow tcp from 123.58.177.199 to me in setup keep-state
ipfw add allow tcp from any to me 80 in
ipfw add allow tcp from me 80 to any out
ipfw add allow tcp from 192.168.1.x to me 21,22 in setup keep-state
ipfw add allow tcp from me to 192.168.1.x out setup keep-state
ipfw add deny log all from any to any