table <blockedips> persist file "/etc/pf.blocked.ip.conf"set skip on lo

1. table <blockedips> persist file "/etc/pf.blocked.ip.conf"
2.  
3.  
4. set skip on lo
5.  
6. match out on egress inet from !(egress) to any nat-to (egress:0)
7.  
8. block in log
9.  
10. pass out quick
11.  
12. pass in inet proto icmp all
13.  
14. pass in on fxp1
15.  
16. pass in on fxp0 proto tcp from any to any port 22 rdr-to 192.168.10.200
17. pass in on fxp0 proto tcp from any to any port 443 rdr-to 192.168.10.200
18.  
19. block drop in log (all) quick on fxp0 from <blockedips> to any