@0 scrub from any to <vpn_networks:1> fragment no reassemble
  [ Evaluations: 3894983778  Packets: 99566     Bytes: 2274530     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@1 scrub from <vpn_networks:1> to any fragment no reassemble
  [ Evaluations: 3894884212  Packets: 102340    Bytes: 6441370     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@2 scrub on lagg0.4090 inet all fragment reassemble
  [ Evaluations: 3894781872  Packets: 1585384779  Bytes: 647977114656  States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@3 scrub on lagg0.4090 inet6 all fragment reassemble
  [ Evaluations: 4444      Packets: 4444      Bytes: 417736      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@4 scrub on lagg0.4091 inet all fragment reassemble
  [ Evaluations: 2309392651  Packets: 1101968356  Bytes: 674854287032  States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@5 scrub on lagg0.4091 inet6 all fragment reassemble
  [ Evaluations: 18480     Packets: 18480     Bytes: 3752401     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@6 scrub on ix0 inet all fragment reassemble
  [ Evaluations: 1207405815  Packets: 171329    Bytes: 16291846    States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@7 scrub on ix0 inet6 all fragment reassemble
  [ Evaluations: 8912      Packets: 8912      Bytes: 2599330     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@8 scrub on lagg0.4080 inet all fragment reassemble
  [ Evaluations: 1207225574  Packets: 619578783  Bytes: 423619525480  States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@9 scrub on lagg0.4080 inet6 all fragment reassemble
  [ Evaluations: 312       Packets: 312       Bytes: 28585       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@10 scrub on lagg0.4081 inet all fragment reassemble
  [ Evaluations: 587646479  Packets: 230481    Bytes: 13757273    States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@11 scrub on lagg0.4081 inet6 all fragment reassemble
  [ Evaluations: 2161      Packets: 2161      Bytes: 198770      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@12 scrub on lagg0.4082 inet all fragment reassemble
  [ Evaluations: 587413837  Packets: 55982134  Bytes: 25789356600  States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@13 scrub on lagg0.4082 inet6 all fragment reassemble
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@14 scrub on lagg0.4084 inet all fragment reassemble
  [ Evaluations: 531431703  Packets: 418       Bytes: 9204        States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@15 scrub on lagg0.4084 inet6 all fragment reassemble
  [ Evaluations: 1         Packets: 1         Bytes: 116         States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@0 anchor "openvpn/*" all
  [ Evaluations: 3524720   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@1 anchor "ipsec/*" all
  [ Evaluations: 3524720   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@2 pass in quick on lo0 inet6 all flags S/SA keep state (if-bound) label "descr=pass IPv6 loopback" ridentifier 1000000001
  [ Evaluations: 3524720   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@3 pass out quick on lo0 inet6 all flags S/SA keep state (if-bound) label "descr=pass IPv6 loopback" ridentifier 1000000002
  [ Evaluations: 2208      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@4 block drop in log quick inet6 all label "descr=Block all IPv6" ridentifier 1000000003
  [ Evaluations: 3520304   Packets: 34305     Bytes: 6996482     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:16:22 2026 ]
@5 block drop out log quick inet6 all label "descr=Block all IPv6" ridentifier 1000000004
  [ Evaluations: 1576098   Packets: 202       Bytes: 16736       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@6 block drop in log quick inet6 from any to <_nat64reserved_:16> label "descr=Block NAT64 for non-global IPv4" ridentifier 1000000005
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@7 block drop out log quick inet6 from any to <_nat64reserved_:16> label "descr=Block NAT64 for non-global IPv4" ridentifier 1000000006
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@8 block drop in log quick inet from 169.254.0.0/16 to any label "descr=Block IPv4 link-local" ridentifier 1000000101
  [ Evaluations: 3490213   Packets: 129       Bytes: 9660        States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@9 block drop in log quick inet from any to 169.254.0.0/16 label "descr=Block IPv4 link-local" ridentifier 1000000102
  [ Evaluations: 1911980   Packets: 731       Bytes: 47892       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:13:01 2026 ]
@10 block drop in log inet all label "descr=Default deny rule IPv4" label "tags=ruleset:7aabba6651490bd3" ridentifier 1000000103
  [ Evaluations: 54197     Packets: 26        Bytes: 8466        States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:04:21 2026 ]
@11 block drop out log inet all label "descr=Default deny rule IPv4" label "tags=ruleset:7aabba6651490bd3" ridentifier 1000000104
  [ Evaluations: 98505     Packets: 122       Bytes: 16791       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:13:54 2026 ]
@12 block drop in log inet6 all label "descr=Default deny rule IPv6" label "tags=ruleset:7aabba6651490bd3" ridentifier 1000000105
  [ Evaluations: 98505     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@13 block drop out log inet6 all label "descr=Default deny rule IPv6" label "tags=ruleset:7aabba6651490bd3" ridentifier 1000000106
  [ Evaluations: 44308     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@14 block drop log quick inet proto tcp from any port = 0 to any label "descr=Block traffic from port 0" ridentifier 1000000107
  [ Evaluations: 3489353   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@15 block drop log quick inet proto udp from any port = 0 to any label "descr=Block traffic from port 0" ridentifier 1000000107
  [ Evaluations: 1883119   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@16 block drop log quick inet proto tcp from any to any port = 0 label "descr=Block traffic to port 0" ridentifier 1000000108
  [ Evaluations: 3489353   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@17 block drop log quick inet proto udp from any to any port = 0 label "descr=Block traffic to port 0" ridentifier 1000000108
  [ Evaluations: 1883119   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@18 block drop log quick from <snort2c:0> to any label "descr=Block snort2c hosts" ridentifier 1000000109
  [ Evaluations: 3489354   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@19 block drop log quick from any to <snort2c:0> label "descr=Block snort2c hosts" ridentifier 1000000110
  [ Evaluations: 3489354   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@20 block drop in log quick proto tcp from <sshguard:0> to (self:22) port = ssh label "descr=sshguard" ridentifier 1000000301
  [ Evaluations: 3489354   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@21 block drop in log quick proto tcp from <sshguard:0> to (self:22) port = https label "descr=GUI Lockout" ridentifier 1000000351
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@22 block drop in log quick from <virusprot:0> to any label "descr=virusprot overload table" ridentifier 1000000400
  [ Evaluations: 1911250   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@23 block drop out quick proto udp from any port = bootps to any port = bootpc label "descr=Prevent routing dhcp responses" ridentifier 1000000451 tagged dhcpin
  [ Evaluations: 3489354   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@24 block drop in log quick on lagg0.4090 from <bogons:10> to any label "descr=block bogon IPv4 networks from WAN" ridentifier 11001
  [ Evaluations: 3489354   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@25 block drop in log on ! lagg0.4090 inet from 193.97.129.0/24 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 2545639   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@26 block drop in log on ! lagg0.4090 inet from 193.97.129.12 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1847661   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@27 block drop in log on ! lagg0.4090 inet from 193.97.129.13 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1847661   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@28 block drop in log on ! lagg0.4090 inet from 193.97.129.100 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1847661   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@29 block drop in log on ! lagg0.4090 inet from 193.97.129.119 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1847661   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@30 block drop in log on ! lagg0.4090 inet from 193.97.129.96 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1847661   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@31 block drop in log on ! lagg0.4090 inet from 193.97.129.113 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1847661   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@32 block drop in log on ! lagg0.4090 inet from 193.97.129.114 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1104972   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@33 block drop in log on lagg0.4090 inet6 from fe80::208:a2ff:fe11:cc41 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1911250   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@34 block drop in log inet from 193.97.129.89 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1911250   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@35 block drop in log inet from 193.97.129.12 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1911250   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@36 block drop in log inet from 193.97.129.13 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1911250   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@37 block drop in log inet from 193.97.129.100 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1911250   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@38 block drop in log inet from 193.97.129.119 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1911250   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@39 block drop in log inet from 193.97.129.96 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1911250   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@40 block drop in log inet from 193.97.129.113 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1911250   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@41 block drop in log inet from 193.97.129.114 to any label "descr=antispoof protection" ridentifier 1000001471
  [ Evaluations: 1139571   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@42 block drop in log quick on lagg0.4090 inet from 10.0.0.0/8 to any label "descr=Block private networks from WAN block 10/8" ridentifier 12001
  [ Evaluations: 1911250   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@43 block drop in log quick on lagg0.4090 inet from 127.0.0.0/8 to any label "descr=Block private networks from WAN block 127/8" ridentifier 12002
  [ Evaluations: 63589     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@44 block drop in log quick on lagg0.4090 inet from 172.16.0.0/12 to any label "descr=Block private networks from WAN block 172.16/12" ridentifier 12003
  [ Evaluations: 63589     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@45 block drop in log quick on lagg0.4090 inet from 192.168.0.0/16 to any label "descr=Block private networks from WAN block 192.168/16" ridentifier 12004
  [ Evaluations: 63589     Packets: 282       Bytes: 46812       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:10:36 2026 ]
@46 block drop in log quick on lagg0.4090 inet6 from fc00::/7 to any label "descr=Block ULA networks from WAN block fc00::/7" ridentifier 12005
  [ Evaluations: 63307     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@47 block drop in log on ! lagg0.4091 inet from 192.168.128.0/18 to any label "descr=antispoof protection" ridentifier 1000002521
  [ Evaluations: 1910968   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@48 block drop in log on lagg0.4091 inet6 from fe80::208:a2ff:fe11:cc41 to any label "descr=antispoof protection" ridentifier 1000002521
  [ Evaluations: 1910968   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@49 block drop in log inet from 192.168.129.1 to any label "descr=antispoof protection" ridentifier 1000002521
  [ Evaluations: 1910968   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@50 block drop in log on ! ix0 inet from 192.168.3.0/24 to any label "descr=antispoof protection" ridentifier 1000003571
  [ Evaluations: 1910968   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@51 block drop in log on ix0 inet6 from fe80::208:a2ff:fe11:cc3f to any label "descr=antispoof protection" ridentifier 1000003571
  [ Evaluations: 1910968   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@52 block drop in log inet from 192.168.3.254 to any label "descr=antispoof protection" ridentifier 1000003571
  [ Evaluations: 1910968   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@53 pass in quick on ix0 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state (if-bound) label "descr=allow access to DHCP relay" ridentifier 1000003591
  [ Evaluations: 1873178   Packets: 4         Bytes: 1324        States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@54 block drop in log on ! lagg0.4080 inet from 192.168.1.0/24 to any label "descr=antispoof protection" ridentifier 1000004621
  [ Evaluations: 1910966   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@55 block drop in log on lagg0.4080 inet6 from fe80::208:a2ff:fe11:cc41 to any label "descr=antispoof protection" ridentifier 1000004621
  [ Evaluations: 1910966   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@56 block drop in log inet from 192.168.1.200 to any label "descr=antispoof protection" ridentifier 1000004621
  [ Evaluations: 1910966   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@57 pass in quick on lagg0.4080 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state (if-bound) label "descr=allow access to DHCP relay" ridentifier 1000004641
  [ Evaluations: 1910966   Packets: 1         Bytes: 363         States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@58 block drop in log on ! lagg0.4081 inet from 192.168.254.0/24 to any label "descr=antispoof protection" ridentifier 1000005671
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@59 block drop in log on lagg0.4081 inet6 from fe80::208:a2ff:fe11:cc41 to any label "descr=antispoof protection" ridentifier 1000005671
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@60 block drop in log inet from 192.168.254.250 to any label "descr=antispoof protection" ridentifier 1000005671
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@61 pass in quick on lagg0.4081 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state (if-bound) label "descr=allow access to DHCP relay" ridentifier 1000005691
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@62 block drop in log on ! lagg0.4082 inet from 192.168.2.0/24 to any label "descr=antispoof protection" ridentifier 1000006721
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@63 block drop in log on lagg0.4082 inet6 from fe80::208:a2ff:fe11:cc41 to any label "descr=antispoof protection" ridentifier 1000006721
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@64 block drop in log inet from 192.168.2.254 to any label "descr=antispoof protection" ridentifier 1000006721
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@65 pass in quick on lagg0.4082 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state (if-bound) label "descr=allow access to DHCP relay" ridentifier 1000006741
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@66 block drop in log on ! lagg0.4084 inet from 192.168.4.0/24 to any label "descr=antispoof protection" ridentifier 1000007771
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@67 block drop in log on lagg0.4084 inet6 from fe80::208:a2ff:fe11:cc41 to any label "descr=antispoof protection" ridentifier 1000007771
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@68 block drop in log inet from 192.168.4.254 to any label "descr=antispoof protection" ridentifier 1000007771
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@69 pass in quick on lagg0.4084 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state (if-bound) label "descr=allow access to DHCP relay" ridentifier 1000007791
  [ Evaluations: 1910965   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@70 pass in on lo0 inet all flags S/SA keep state (if-bound) label "descr=pass IPv4 loopback" ridentifier 1000009911
  [ Evaluations: 1910965   Packets: 1019671   Bytes: 86577082    States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 36    ]
  [ Last Active Time: Wed Apr  8 13:10:43 2026 ]
@71 pass out on lo0 inet all flags S/SA keep state (if-bound) label "descr=pass IPv4 loopback" ridentifier 1000009912
  [ Evaluations: 1580312   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@72 pass out inet all flags S/SA keep state (if-bound) allow-opts label "descr=let out anything IPv4 from firewall host itself" ridentifier 1000009913
  [ Evaluations: 3486861   Packets: 361490930  Bytes: 465616505089  States: 457   ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 18672 ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@73 pass out route-to (lagg0.4090 193.97.129.90) inet from 193.97.129.89 to ! 193.97.129.0/24 flags S/SA keep state (if-bound) allow-opts label "descr=let out anything from firewall host itself" ridentifier 1000010011
  [ Evaluations: 1578104   Packets: 455393095  Bytes: 442110507392  States: 935   ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 25478 ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@74 pass out route-to (lagg0.4090 193.97.129.90) inet from 193.97.129.12 to ! 193.97.129.0/24 flags S/SA keep state (if-bound) allow-opts label "descr=let out anything from firewall host itself" ridentifier 1000010012
  [ Evaluations: 1550507   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@75 pass out route-to (lagg0.4090 193.97.129.90) inet from 193.97.129.13 to ! 193.97.129.0/24 flags S/SA keep state (if-bound) allow-opts label "descr=let out anything from firewall host itself" ridentifier 1000010013
  [ Evaluations: 1550431   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@76 pass out route-to (lagg0.4090 193.97.129.90) inet from 193.97.129.100 to ! 193.97.129.0/24 flags S/SA keep state (if-bound) allow-opts label "descr=let out anything from firewall host itself" ridentifier 1000010014
  [ Evaluations: 1550431   Packets: 38667     Bytes: 44578527    States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 4     ]
  [ Last Active Time: Wed Apr  8 13:07:39 2026 ]
@77 pass out route-to (lagg0.4090 193.97.129.90) inet from 193.97.129.119 to ! 193.97.129.0/24 flags S/SA keep state (if-bound) allow-opts label "descr=let out anything from firewall host itself" ridentifier 1000010015
  [ Evaluations: 1550384   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@78 pass out route-to (lagg0.4090 193.97.129.90) inet from 193.97.129.96 to ! 193.97.129.0/24 flags S/SA keep state (if-bound) allow-opts label "descr=let out anything from firewall host itself" ridentifier 1000010016
  [ Evaluations: 1550384   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@79 pass out route-to (lagg0.4090 193.97.129.90) inet from 193.97.129.113 to ! 193.97.129.0/24 flags S/SA keep state (if-bound) allow-opts label "descr=let out anything from firewall host itself" ridentifier 1000010017
  [ Evaluations: 1550337   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@80 pass out route-to (lagg0.4090 193.97.129.90) inet from 193.97.129.114 to ! 193.97.129.0/24 flags S/SA keep state (if-bound) allow-opts label "descr=let out anything from firewall host itself" ridentifier 1000010018
  [ Evaluations: 940286    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@81 pass out on enc0 all flags S/SA keep state (if-bound) label "descr=IPsec internal host to host" ridentifier 1000010312
  [ Evaluations: 1578104   Packets: 49286     Bytes: 4479495     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 32    ]
  [ Last Active Time: Wed Apr  8 13:15:36 2026 ]
@82 pass in quick on lagg0.4091 proto tcp from any to (lagg0.4091:2) port = https flags S/SA keep state (if-bound) label "descr=anti-lockout rule" ridentifier 10001
  [ Evaluations: 3489069   Packets: 97908     Bytes: 27584568    States: 1     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 9     ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@83 pass in quick on lagg0.4091 proto tcp from any to (lagg0.4091:2) port = http flags S/SA keep state (if-bound) label "descr=anti-lockout rule" ridentifier 10001
  [ Evaluations: 4         Packets: 7         Bytes: 1013        States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@84 pass in quick on lagg0.4091 proto tcp from any to (lagg0.4091:2) port = ssh flags S/SA keep state (if-bound) label "descr=anti-lockout rule" ridentifier 10001
  [ Evaluations: 3         Packets: 2182      Bytes: 1935936     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@85 pass in inet all flags S/SA keep state (if-bound) label "descr=NAT REFLECT: Allow traffic to localhost" ridentifier 1000010331 tagged PFREFLECT
  [ Evaluations: 2905770   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@86 anchor "userrules/*" all
  [ Evaluations: 3488998   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@87 pass in quick on openvpn inet all flags S/SA keep state (if-bound) label "id=1672175133" label "tags=user_rule" label "descr=OpenVPN OpenVPN Clients via SMAUG wizard" ridentifier 1672175133
  [ Evaluations: 3488998   Packets: 277611764  Bytes: 233148910291  States: 370   ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 8005  ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@88 pass in quick on openvpn inet6 all flags S/SA keep state (if-bound) label "id=1672175133" label "tags=user_rule" label "descr=OpenVPN OpenVPN Clients via SMAUG wizard" ridentifier 1672175133
  [ Evaluations: 1381      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@89 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto icmp from any to <WAN__NETWORK:8> icmp-type trace keep state (if-bound) label "id=1438176406" label "tags=user_rule" label "descr=traceroute erlauben für Tracezwecke" ridentifier 1438176406
  [ Evaluations: 3254541   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@90 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto icmp from any to <WAN__NETWORK:8> icmp-type echoreq keep state (if-bound) label "id=1438175832" label "tags=user_rule" label "descr=ping erlauben für Tracezwecke" ridentifier 1438175832
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@91 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from 212.202.98.22 to 193.97.129.89 port = isakmp flags S/SA keep state (if-bound) label "id=1426092632" label "tags=user_rule" label "descr=itmotive" ridentifier 1426092632
  [ Evaluations: 63307     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@92 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from 212.202.98.22 to 193.97.129.89 port = isakmp keep state (if-bound) label "id=1426092632" label "tags=user_rule" label "descr=itmotive" ridentifier 1426092632
  [ Evaluations: 1980      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@93 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from 80.151.5.161 to 192.168.1.13 port = http flags S/SA keep state (if-bound) label "id=1658751758" label "tags=user_rule" label "descr=NAT Redirect SF-SAP-WT1202 80 direkt" ridentifier 1658751758
  [ Evaluations: 63307     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@94 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from 93.240.133.186 to 192.168.1.13 port = http flags S/SA keep state (if-bound) label "id=1658751788" label "tags=user_rule" label "descr=NAT Redirect SF-SAP-WT1202 80 direkt" ridentifier 1658751788
  [ Evaluations: 60708     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@95 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from 212.202.98.22 to 192.168.1.13 port = http flags S/SA keep state (if-bound) label "id=1723639239" label "tags=user_rule" label "descr=NAT Redirect SF-SAP-WT1202 80 direkt" ridentifier 1723639239
  [ Evaluations: 60708     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@96 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from 193.97.129.0/24 to 192.168.160.1 port = ntp keep state (if-bound) label "id=1574779145" label "tags=user_rule" label "descr=NAT redirect OEIP-Net NTP 2 sfi-samb4 ntp" ridentifier 1574779145
  [ Evaluations: 63307     Packets: 3122      Bytes: 237272      States: 1     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 73    ]
  [ Last Active Time: Wed Apr  8 13:16:09 2026 ]
@97 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <sfi_rdpsrv:1> to <sfi_texas:1> port = ssh flags S/SA keep state (if-bound) label "id=1746539911" label "tags=user_rule" label "descr=NAT redirect ssh 4 Backup von sfi-rdpsrv zu sfi-texas" ridentifier 1746539911
  [ Evaluations: 61746     Packets: 35382     Bytes: 36779080    States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@98 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <sfi_rdpsrv:1> to <sfi_texas:1> port = nfsd flags S/SA keep state (if-bound) label "id=1746539588" label "tags=user_rule" label "descr=NAT redirect NFSv4 von sfi-rdpsrv zu sfi-texas" ridentifier 1746539588
  [ Evaluations: 2         Packets: 467       Bytes: 38236       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@99 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <sfi_web:1> to <sfi_texas:1> port = ssh flags S/SA keep state (if-bound) label "id=1629130353" label "tags=user_rule" label "descr=NAT redirect ssh 4 Backup von www zu sfi-texas" ridentifier 1629130353
  [ Evaluations: 61320     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@100 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <sfi_web:1> to <sfi_texas:1> port = sunrpc flags S/SA keep state (if-bound) label "id=1536912906" label "tags=user_rule" label "descr=NAT redirect NFS v3 und v4 WEBSERVER zu sfi-texas" ridentifier 1536912906
  [ Evaluations: 21        Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@101 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <sfi_web:1> to <sfi_texas:1> port = cryptoadmin flags S/SA keep state (if-bound) label "id=1536912906" label "tags=user_rule" label "descr=NAT redirect NFS v3 und v4 WEBSERVER zu sfi-texas" ridentifier 1536912906
  [ Evaluations: 21        Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@102 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <sfi_web:1> to <sfi_texas:1> port = nfsd flags S/SA keep state (if-bound) label "id=1536912906" label "tags=user_rule" label "descr=NAT redirect NFS v3 und v4 WEBSERVER zu sfi-texas" ridentifier 1536912906
  [ Evaluations: 21        Packets: 885       Bytes: 78912       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@103 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from <sfi_web:1> to <sfi_texas:1> port = sunrpc keep state (if-bound) label "id=1536912906" label "tags=user_rule" label "descr=NAT redirect NFS v3 und v4 WEBSERVER zu sfi-texas" ridentifier 1536912906
  [ Evaluations: 423       Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@104 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from <sfi_web:1> to <sfi_texas:1> port = cryptoadmin keep state (if-bound) label "id=1536912906" label "tags=user_rule" label "descr=NAT redirect NFS v3 und v4 WEBSERVER zu sfi-texas" ridentifier 1536912906
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@105 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from <sfi_web:1> to <sfi_texas:1> port = nfsd keep state (if-bound) label "id=1536912906" label "tags=user_rule" label "descr=NAT redirect NFS v3 und v4 WEBSERVER zu sfi-texas" ridentifier 1536912906
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@106 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <prox_oedmz_1:1> to 192.168.160.1 port = ldaps flags S/SA keep state (if-bound) label "id=1616155899" label "tags=user_rule" label "descr=NAT redirect LDAPS von PROX-IS-oeDMZ-1 zu sfi-samba4" ridentifier 1616155899
  [ Evaluations: 61669     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@107 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <prox_oedmz_1:1> to <sfi_texas:1> port = ssh flags S/SA keep state (if-bound) label "id=1737653612" label "tags=user_rule" label "descr=NAT redirect ssh von PROX-IS-oeDMZ-1 zu sfi-texas" ridentifier 1737653612
  [ Evaluations: 34733     Packets: 1525      Bytes: 1495254     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@108 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <prox_oedmz_1:1> to <sfi_texas:1> port = sunrpc flags S/SA keep state (if-bound) label "id=1737654206" label "tags=user_rule" label "descr=NAT redirect NFS v3 und v4 von PROX-IS-oeDMZ-1 zu sfi-..." ridentifier 1737654206
  [ Evaluations: 7         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@109 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <prox_oedmz_1:1> to <sfi_texas:1> port = cryptoadmin flags S/SA keep state (if-bound) label "id=1737654206" label "tags=user_rule" label "descr=NAT redirect NFS v3 und v4 von PROX-IS-oeDMZ-1 zu sfi-..." ridentifier 1737654206
  [ Evaluations: 7         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@110 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <prox_oedmz_1:1> to <sfi_texas:1> port = nfsd flags S/SA keep state (if-bound) label "id=1737654206" label "tags=user_rule" label "descr=NAT redirect NFS v3 und v4 von PROX-IS-oeDMZ-1 zu sfi-..." ridentifier 1737654206
  [ Evaluations: 7         Packets: 377       Bytes: 62424       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@111 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <prox_oedmz_1:1> to 192.168.160.11 port = ldaps flags S/SA keep state (if-bound) label "id=1633101525" label "tags=user_rule" label "descr=NAT redirect LDAPS von PROX-IS-oeDMZ-1 zu sfi-bdc" ridentifier 1633101525
  [ Evaluations: 34726     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@112 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <prox_oedmz_1:1> to <qnap:1> port = sunrpc flags S/SA keep state (if-bound) label "id=1737653989" label "tags=user_rule" label "descr=NAT redirect NFS portmapper von PROX-IS-oeDMZ-1 zu NAS..." ridentifier 1737653989
  [ Evaluations: 34726     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@113 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <prox_oedmz_1:1> to <qnap:1> port = nfsd flags S/SA keep state (if-bound) label "id=1737654004" label "tags=user_rule" label "descr=NAT redirect NFS nfsd von PROX-IS-oeDMZ-1 zu NAS QNAP" ridentifier 1737654004
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@114 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from <prox_oedmz_1:1> to <Prox_Backup:1> port = 8007 flags S/SA keep state (if-bound) label "id=1627049090" label "tags=user_rule" label "descr=NAT redirect 8007 von PROX-IS-oeDMZ-1 zu prox-backup" ridentifier 1627049090
  [ Evaluations: 34726     Packets: 714721    Bytes: 229261581   States: 20    ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 760   ]
  [ Last Active Time: Wed Apr  8 13:16:23 2026 ]
@115 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.1.42 port = ms-wbt-server flags S/SA keep state (if-bound) label "id=1463043326" label "tags=user_rule" label "descr=NAT rdp redirect lorenz-integ" ridentifier 1463043326
  [ Evaluations: 26576     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@116 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from any to 192.168.1.42 port = ms-wbt-server keep state (if-bound) label "id=1463043326" label "tags=user_rule" label "descr=NAT rdp redirect lorenz-integ" ridentifier 1463043326
  [ Evaluations: 419       Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@117 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.1.120 port = ms-wbt-server flags S/SA keep state (if-bound) label "id=1674663786" label "tags=user_rule" label "descr=NAT rdp redirect s4p-lz-test2 von guacomole ohne glaur..." ridentifier 1674663786
  [ Evaluations: 26995     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@118 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.1.126 port = http flags S/SA keep state (if-bound) label "id=1670424516" label "tags=user_rule" label "descr=NAT Redirect vu-trail.sf.com 80 direkt" ridentifier 1670424516
  [ Evaluations: 26576     Packets: 550       Bytes: 24013       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 12    ]
  [ Last Active Time: Wed Apr  8 13:13:46 2026 ]
@119 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.1.126 port = https flags S/SA keep state (if-bound) label "id=1670496531" label "tags=user_rule" label "descr=NAT Redirect vu-trail.sf.com 443 direkt" ridentifier 1670496531
  [ Evaluations: 1315      Packets: 2921      Bytes: 146495      States: 1     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 10    ]
  [ Last Active Time: Wed Apr  8 13:15:27 2026 ]
@120 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.1.126 port = 2019 flags S/SA keep state (if-bound) label "id=1670496552" label "tags=user_rule" label "descr=NAT Redirect vu-trail.sf.com 2019 direkt" ridentifier 1670496552
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@121 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.1.151 port = ms-wbt-server flags S/SA keep state (if-bound) label "id=1751293931" label "tags=user_rule" label "descr=NAT rdp redirect sf-sprung-cad01 von guacomole ohne gl..." ridentifier 1751293931
  [ Evaluations: 25016     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@122 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.1.165 port = http flags S/SA keep state (if-bound) label "id=1775467142" label "tags=user_rule" label "descr=NAT Redirect ÖffIP:80 non ssl auf sf-dppa-dev-02" ridentifier 1775467142
  [ Evaluations: 14273     Packets: 2161      Bytes: 223542      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 9     ]
  [ Last Active Time: Wed Apr  8 13:09:18 2026 ]
@123 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.1.165 port = https flags S/SA keep state (if-bound) label "id=1775467180" label "tags=user_rule" label "descr=NAT Redirect ÖffIP:443 ssl auf sf-dppa-dev-02" ridentifier 1775467180
  [ Evaluations: 1570      Packets: 131736    Bytes: 138769990   States: 5     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 64    ]
  [ Last Active Time: Wed Apr  8 13:15:57 2026 ]
@124 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.1.166 port = http flags S/SA keep state (if-bound) label "id=1775557882" label "tags=user_rule" label "descr=NAT Redirect ÖffIP:80 non ssl auf sf-dppa-dev" ridentifier 1775557882
  [ Evaluations: 10797     Packets: 2678      Bytes: 281276      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 6     ]
  [ Last Active Time: Wed Apr  8 13:11:50 2026 ]
@125 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.1.166 port = https flags S/SA keep state (if-bound) label "id=1775557908" label "tags=user_rule" label "descr=NAT Redirect ÖffIP:443 ssl auf sf-dppa-dev" ridentifier 1775557908
  [ Evaluations: 972       Packets: 104928    Bytes: 114404349   States: 8     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 108   ]
  [ Last Active Time: Wed Apr  8 13:15:57 2026 ]
@126 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.129.28 port = bacula-dir flags S/SA keep state (if-bound) label "id=1426092648" label "tags=user_rule" label "descr=NAT Vaire Director" ridentifier 1426092648
  [ Evaluations: 21322     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@127 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.129.28 port = bacula-fd flags S/SA keep state (if-bound) label "id=1426092649" label "tags=user_rule" label "descr=NAT  vaire FD" ridentifier 1426092649
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@128 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.129.117 port = https flags S/SA keep state (if-bound) label "id=1539958522" label "tags=user_rule" label "descr=NAT rdp redirect bugzilla von www.sf.com ohne glaurungre" ridentifier 1539958522
  [ Evaluations: 21322     Packets: 5880416   Bytes: 7650172218  States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 5     ]
  [ Last Active Time: Wed Apr  8 12:59:31 2026 ]
@129 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.160.2 port = http-alt flags S/SA keep state (if-bound) label "id=1467211958" label "tags=user_rule" label "descr=NAT SF AV Konsole redirect" ridentifier 1467211958
  [ Evaluations: 21092     Packets: 4026      Bytes: 453627      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 6     ]
  [ Last Active Time: Wed Apr  8 13:12:59 2026 ]
@130 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.160.2 port = 8443 flags S/SA keep state (if-bound) label "id=1465576130" label "tags=user_rule" label "descr=NAT SF AV Konsole redirect" ridentifier 1465576130
  [ Evaluations: 2210      Packets: 35824     Bytes: 6091476     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 19    ]
  [ Last Active Time: Wed Apr  8 13:14:08 2026 ]
@131 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.160.7 port = smtp flags S/SA keep state (if-bound) label "id=1549835381" label "tags=user_rule" label "descr=NAT FEBXXX WAN IN (nur spacenet!) reroute to SFSOGo SMTP" ridentifier 1549835381
  [ Evaluations: 18494     Packets: 159363    Bytes: 179926375   States: 3     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 27    ]
  [ Last Active Time: Wed Apr  8 13:15:35 2026 ]
@132 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.160.7 port = http flags S/SA keep state (if-bound) label "id=1549620736" label "tags=user_rule" label "descr=NAT WAN IN reroute to SFSOGo http" ridentifier 1549620736
  [ Evaluations: 8664      Packets: 11895     Bytes: 2200250     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 3     ]
  [ Last Active Time: Wed Apr  8 13:13:42 2026 ]
@133 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.160.7 port = https flags S/SA keep state (if-bound) label "id=1549633303" label "tags=user_rule" label "descr=NAT WAN IN reroute to SFSOGo http LETSENCRYPT" ridentifier 1549633303
  [ Evaluations: 7277      Packets: 104904    Bytes: 35931579    States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 104   ]
  [ Last Active Time: Wed Apr  8 13:10:44 2026 ]
@134 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.160.7 port = submission flags S/SA keep state (if-bound) label "id=1549621982" label "tags=user_rule" label "descr=NAT WAN IN reroute to SFSOGo SUMBISSION" ridentifier 1549621982
  [ Evaluations: 2632      Packets: 7426      Bytes: 7042398     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@135 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.160.7 port = imaps flags S/SA keep state (if-bound) label "id=1592459735" label "tags=user_rule" label "descr=NAT WAN IN reroute to SFSOGo IMAPs" ridentifier 1592459735
  [ Evaluations: 2543      Packets: 896403    Bytes: 465201665   States: 9     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 53    ]
  [ Last Active Time: Wed Apr  8 13:16:22 2026 ]
@136 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.160.8 port = https flags S/SA keep state (if-bound) label "id=1551896674" label "tags=user_rule" label "descr=NAT FEBx5 NAT to  SF MessageSrvNEU" ridentifier 1551896674
  [ Evaluations: 9044      Packets: 171022    Bytes: 118360813   States: 24    ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 98    ]
  [ Last Active Time: Wed Apr  8 13:16:25 2026 ]
@137 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from any to 192.168.160.8 port = 3478 keep state (if-bound) label "id=1584639020" label "tags=user_rule" label "descr=NAT Redirect STUN/TURN alt. TCP+UDP to matrix/Riot Srv..." ridentifier 1584639020
  [ Evaluations: 4839      Packets: 738       Bytes: 64888       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 6     ]
  [ Last Active Time: Wed Apr  8 13:08:46 2026 ]
@138 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.160.8 port = 5349 flags S/SA keep state (if-bound) label "id=1559393807" label "tags=user_rule" label "descr=NAT Redirect STUN/TURN TCP+UDP to matrix/Riot Srv NEU ..." ridentifier 1559393807
  [ Evaluations: 4543      Packets: 3062      Bytes: 651147      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@139 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from any to 192.168.160.8 port = 5349 keep state (if-bound) label "id=1559393807" label "tags=user_rule" label "descr=NAT Redirect STUN/TURN TCP+UDP to matrix/Riot Srv NEU ..." ridentifier 1559393807
  [ Evaluations: 4335      Packets: 106       Bytes: 74122       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@140 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from any to 192.168.160.8 port >= 49152 keep state (if-bound) label "id=1702896071" label "tags=user_rule" label "descr=NAT Redirect STUN/TURN TCP+UDP to matrix/Riot Srv NEU ..." ridentifier 1702896071
  [ Evaluations: 113       Packets: 226       Bytes: 57665       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 2     ]
  [ Last Active Time: Wed Apr  8 13:02:41 2026 ]
@141 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.180.2 port = 8169 flags S/SA keep state (if-bound) label "id=1551611991" label "tags=user_rule" label "descr=NAT FEBXv4 odoo 2 smaug-NAT 4 Pic/Tracking/unsupscr vi..." ridentifier 1551611991
  [ Evaluations: 7076      Packets: 10758     Bytes: 7097335     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 3     ]
  [ Last Active Time: Wed Apr  8 12:50:49 2026 ]
@142 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.175.117 port = 1883 flags S/SA keep state (if-bound) label "id=1771254241" label "tags=user_rule" label "descr=NAT Redirect mqtt-lz-t 1883 non ssl, von auf glaurung" ridentifier 1771254241
  [ Evaluations: 6415      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@143 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.175.117 port = 8883 flags S/SA keep state (if-bound) label "id=1771254218" label "tags=user_rule" label "descr=NAT Redirect mqtt-lz-t 8883 ssl, von auf glaurung" ridentifier 1771254218
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@144 pass in quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 192.168.1.119 port = ms-wbt-server flags S/SA keep state (if-bound) label "id=1699535117" label "tags=user_rule" label "descr=NAT rdp redirect IT4CE-mes von guacomole ohne glaurung..." ridentifier 1699535117
  [ Evaluations: 6415      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@145 pass in log quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto tcp from any to 193.97.129.89 port = openvpn flags S/SA keep state (if-bound) label "id=1672824958" label "tags=user_rule" label "descr=allow from everywhere OpenVPN Clients USER*PW+CertFile..." ridentifier 1672824958
  [ Evaluations: 6415      Packets: 208570783  Bytes: 145677628509  States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@146 pass in log quick on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from any to 193.97.129.89 port = openvpn keep state (if-bound) label "id=1672824958" label "tags=user_rule" label "descr=allow from everywhere OpenVPN Clients USER*PW+CertFile..." ridentifier 1672824958
  [ Evaluations: 1124      Packets: 48573989  Bytes: 39051780286  States: 1     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 4     ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@147 block drop in log quick on lagg0.4090 inet all label "id=1498813579" label "tags=user_rule" label "descr=block all other WAN" ridentifier 1498813579
  [ Evaluations: 6312      Packets: 6312      Bytes: 476419      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:16:12 2026 ]
@148 block drop in log quick on lagg0.4090 inet6 all label "id=1498813579" label "tags=user_rule" label "descr=block all other WAN" ridentifier 1498813579
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@149 block drop in log quick on lagg0.4091 inet proto tcp from 192.168.128.0/18 to 193.97.129.89 port = openvpn label "id=1672823291" label "tags=user_rule" label "descr=Block intern OpenVPN Clients USER*PW+CertFile_Yubi" ridentifier 1672823291
  [ Evaluations: 2216305   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@150 block drop in log quick on lagg0.4091 inet proto udp from 192.168.128.0/18 to 193.97.129.89 port = openvpn label "id=1672823291" label "tags=user_rule" label "descr=Block intern OpenVPN Clients USER*PW+CertFile_Yubi" ridentifier 1672823291
  [ Evaluations: 615297    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@151 pass in quick on lagg0.4091 inet proto tcp from any to any port = https flags S/SA keep state (if-bound) label "id=1664966473" label "tags=user_rule" label "descr=allow HTTPS from ZSW" ridentifier 1664966473
  [ Evaluations: 804045    Packets: 163047098  Bytes: 185705137849  States: 439   ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 4909  ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@152 pass in quick on lagg0.4091 inet proto tcp from <WLANIPs:1> to <Drucker:2> flags S/SA keep state (if-bound) label "id=1737475823" label "tags=user_rule" label "descr=allow Print from WLAN" ridentifier 1737475823
  [ Evaluations: 44254     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@153 pass in quick on lagg0.4091 inet proto udp from <WLANIPs:1> to <Drucker:2> keep state (if-bound) label "id=1737475823" label "tags=user_rule" label "descr=allow Print from WLAN" ridentifier 1737475823
  [ Evaluations: 615297    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@154 pass in quick on lagg0.4091 inet proto tcp from 192.168.2.254 to <Drucker:2> flags S/SA keep state (if-bound) label "id=1737476988" label "tags=user_rule" label "descr=allow Print from WLAN" ridentifier 1737476988
  [ Evaluations: 659551    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@155 pass in quick on lagg0.4091 inet proto udp from 192.168.2.254 to <Drucker:2> keep state (if-bound) label "id=1737476988" label "tags=user_rule" label "descr=allow Print from WLAN" ridentifier 1737476988
  [ Evaluations: 615297    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@156 pass in log quick on lagg0.4091 inet from <LAN__NETWORK:1> to <sfi_web:1> flags S/SA keep state (if-bound) label "id=1641986007" label "tags=user_rule" label "descr=LOG LAN 2 WEB wegen Portscan" ridentifier 1641986007
  [ Evaluations: 659551    Packets: 420       Bytes: 95388       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@157 pass in quick on lagg0.4091 inet proto icmp all icmp-type echoreq keep state (if-bound) label "id=1648044249" label "tags=user_rule" label "descr=4DEL" ridentifier 1648044249
  [ Evaluations: 659496    Packets: 179560    Bytes: 17197305    States: 1     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 517   ]
  [ Last Active Time: Wed Apr  8 13:16:16 2026 ]
@158 pass in quick on lagg0.4091 inet proto udp from 192.168.160.2 to <OPT7__NETWORK:1> port 136 >< 140 keep state (if-bound) label "id=1636468863" label "tags=user_rule" label "descr=Allow 137,138, 139 udp from sfi-av" ridentifier 1636468863
  [ Evaluations: 635446    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@159 pass in quick on lagg0.4091 inet proto tcp from 192.168.160.2 to <OPT7__NETWORK:1> port = netbios-ssn flags S/SA keep state (if-bound) label "id=1636469042" label "tags=user_rule" label "descr=Allow 139 tcp from sfi-av" ridentifier 1636469042
  [ Evaluations: 45260     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@160 block drop in quick on lagg0.4091 inet proto tcp from any to any port 134 >< 140 label "id=1426092662" label "tags=user_rule" label "descr=drop any Netbios" ridentifier 1426092662
  [ Evaluations: 634428    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@161 block drop in quick on lagg0.4091 inet proto udp from any to any port 134 >< 140 label "id=1426092662" label "tags=user_rule" label "descr=drop any Netbios" ridentifier 1426092662
  [ Evaluations: 591204    Packets: 23391     Bytes: 3590637     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:16:22 2026 ]
@162 block drop in quick on lagg0.4091 inet6 proto tcp from any to any port 134 >< 140 label "id=1426092662" label "tags=user_rule" label "descr=drop any Netbios" ridentifier 1426092662
  [ Evaluations: 1018      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@163 block drop in quick on lagg0.4091 inet6 proto udp from any to any port 134 >< 140 label "id=1426092662" label "tags=user_rule" label "descr=drop any Netbios" ridentifier 1426092662
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@164 pass in log quick on lagg0.4091 inet proto tcp from 192.168.160.2 to <OPT7__NETWORK:1> port = microsoft-ds flags S/SA keep state (if-bound) label "id=1636468950" label "tags=user_rule" label "descr=allow 445 tcp from sfi-AV" ridentifier 1636468950
  [ Evaluations: 612055    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@165 block drop in log quick on lagg0.4091 inet proto tcp from any to any port = microsoft-ds label "id=1426092663" label "tags=user_rule" label "descr=drop any SAMBA" ridentifier 1426092663
  [ Evaluations: 44226     Packets: 15        Bytes: 780         States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@166 block drop in log quick on lagg0.4091 inet proto udp from any to any port = microsoft-ds label "id=1426092663" label "tags=user_rule" label "descr=drop any SAMBA" ridentifier 1426092663
  [ Evaluations: 567813    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@167 block drop in log quick on lagg0.4091 inet6 proto tcp from any to any port = microsoft-ds label "id=1426092663" label "tags=user_rule" label "descr=drop any SAMBA" ridentifier 1426092663
  [ Evaluations: 1018      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@168 block drop in log quick on lagg0.4091 inet6 proto udp from any to any port = microsoft-ds label "id=1426092663" label "tags=user_rule" label "descr=drop any SAMBA" ridentifier 1426092663
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@169 pass in quick on lagg0.4091 inet proto udp from <OPT7__NETWORK:1> to any port = ntp keep state (if-bound) label "id=1504270734" label "tags=user_rule" label "descr=allow NTP from SFiDMZ" ridentifier 1504270734
  [ Evaluations: 612040    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@170 pass in quick on lagg0.4091 inet proto udp from <LAN__NETWORK:1> to any port = ntp keep state (if-bound) label "id=1426092659" label "tags=user_rule" label "descr=allow NTP From LAN" ridentifier 1426092659
  [ Evaluations: 566795    Packets: 11495     Bytes: 873788      States: 2     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 125   ]
  [ Last Active Time: Wed Apr  8 13:15:29 2026 ]
@171 pass in quick on lagg0.4091 inet proto tcp from 192.168.160.7 to 195.30.249.98 port = smtp flags S/SA keep state (if-bound) label "id=1558727862" label "tags=user_rule" label "descr=Allow SMTP from SFSOGo to mail.sf.com(SPACENET)" ridentifier 1558727862
  [ Evaluations: 605444    Packets: 38667     Bytes: 44578527    States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 4     ]
  [ Last Active Time: Wed Apr  8 13:07:39 2026 ]
@172 pass in quick on lagg0.4091 inet proto tcp from 192.168.129.125 to 192.168.160.7 port = smtp flags S/SA keep state (if-bound) label "id=1426092657" label "tags=user_rule" label "descr=NAT force SMTP from scanner over local MTA to sfsogo" ridentifier 1426092657
  [ Evaluations: 44084     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@173 pass in quick on lagg0.4091 inet proto tcp from <OPT8__NETWORK:1> to 192.168.160.7 port = smtp flags S/SA keep state (if-bound) label "id=1759417132" label "tags=user_rule" label "descr=allow SMTP from itmgmtnet" ridentifier 1759417132
  [ Evaluations: 44084     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@174 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = ssh flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 44084     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@175 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = icap flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@176 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = epmd flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@177 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = amqp flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@178 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = 6150 flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@179 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = 6379 flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@180 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port 7074:7077 flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@181 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = 7081 flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@182 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = 7083 flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@183 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = http-alt flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@184 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = 8443 flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@185 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = 27017 flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@186 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = 32002 flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@187 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = 48652 flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@188 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = ldap flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@189 pass in quick on lagg0.4091 inet proto tcp from <AVSrv:1> to <ITMgmtSrv:1> port = ldaps flags S/SA keep state (if-bound) label "id=1665413791" label "tags=user_rule" label "descr=Allow AV from AVSrv to ITMgmtSrv" ridentifier 1665413791
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@190 pass in quick on lagg0.4091 inet proto tcp from <grpITMgmtAllowed:2> to <ITMgmtSrv:1> port = ms-wbt-server flags S/SA keep state (if-bound) label "id=1665412399" label "tags=user_rule" label "descr=Allow RDP from grpITMgmtAllowed to ITMgmtSrv" ridentifier 1665412399
  [ Evaluations: 42265     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@191 pass in quick on lagg0.4091 inet proto tcp from <OPSISrv:1> to <OPT8__NETWORK:1> port = 4441 flags S/SA keep state (if-bound) label "id=1672092270" label "tags=user_rule" label "descr=Allow OPSIin from OpsiSrv to SFITMgmnt Net" ridentifier 1672092270
  [ Evaluations: 44084     Packets: 6         Bytes: 360         States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@192 pass in quick on lagg0.4091 inet proto tcp from <OPSISrv:1> to <WLANIPs:1> port = 4441 flags S/SA keep state (if-bound) label "id=1735223801" label "tags=user_rule" label "descr=Allow OPSIin from OpsiSrv to SFWLAN Net" ridentifier 1735223801
  [ Evaluations: 328       Packets: 101       Bytes: 6788        States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@193 block drop in quick on lagg0.4091 inet proto tcp from any to <ITMgmtSrv:1> flags S/SA label "id=1665413693" label "tags=user_rule" label "descr=block everything to ITMgmtSrv" ridentifier 1665413693
  [ Evaluations: 44057     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@194 pass in quick on lagg0.4091 inet from <LAN__NETWORK:1> to any flags S/SA keep state (if-bound) label "id=1747158533" label "tags=user_rule" label "descr=LAN -> Allow Everywhere Private AND Public Network" ridentifier 1747158533
  [ Evaluations: 605274    Packets: 31906528  Bytes: 30798398562  States: 238   ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 17740 ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@195 block drop in log quick on lagg0.4091 inet6 all label "id=1426092665" label "tags=user_rule" label "descr=block all other LAN IPv6" ridentifier 1426092665
  [ Evaluations: 8657      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@196 block drop in log quick on lagg0.4091 inet all label "id=1752648096" label "tags=user_rule" label "descr=block all other LAN IPv4" ridentifier 1752648096
  [ Evaluations: 8657      Packets: 8657      Bytes: 1955730     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:16:15 2026 ]
@197 pass in quick on ix0 inet proto tcp from 192.168.3.253 to 192.168.130.109 port = http-alt flags S/SA keep state (if-bound) label "id=1775472621" label "tags=user_rule" label "descr=allow Unifi Network to PC Felipe" ridentifier 1775472621
  [ Evaluations: 825618    Packets: 43856     Bytes: 14400245    States: 1     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 76    ]
  [ Last Active Time: Wed Apr  8 13:16:08 2026 ]
@198 pass in quick on ix0 inet proto udp from <OPT1__NETWORK:1> to 192.168.160.1 port = ntp keep state (if-bound) label "id=1775472664" label "tags=user_rule" label "descr=ntp anfragen von SFBackup Subnet erlauben" ridentifier 1775472664
  [ Evaluations: 51778     Packets: 330       Bytes: 25080       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 3     ]
  [ Last Active Time: Wed Apr  8 13:15:01 2026 ]
@199 pass in quick on ix0 inet proto icmp all icmp-type echorep keep state (if-bound) label "id=1775472688" label "tags=user_rule" label "descr=Allow Ping 2 LAN Net" ridentifier 1775472688
  [ Evaluations: 51613     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@200 pass in quick on ix0 inet proto icmp all icmp-type echoreq keep state (if-bound) label "id=1775472688" label "tags=user_rule" label "descr=Allow Ping 2 LAN Net" ridentifier 1775472688
  [ Evaluations: 8         Packets: 32        Bytes: 2688        States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@201 pass in quick on ix0 inet proto tcp from any to 192.168.129.119 port = domain flags S/SA keep state (if-bound) label "id=1775472706" label "tags=user_rule" label "descr=Allow DNS für jeden" ridentifier 1775472706
  [ Evaluations: 51605     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@202 pass in quick on ix0 inet proto udp from any to 192.168.129.119 port = domain keep state (if-bound) label "id=1775472706" label "tags=user_rule" label "descr=Allow DNS für jeden" ridentifier 1775472706
  [ Evaluations: 28029     Packets: 4648      Bytes: 428997      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 43    ]
  [ Last Active Time: Wed Apr  8 13:14:48 2026 ]
@203 pass in quick on ix0 inet proto tcp from any to any port = http flags S/SA keep state (if-bound) label "id=1775472724" label "tags=user_rule" label "descr=Allow HTTP to everywhere" ridentifier 1775472724
  [ Evaluations: 50245     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@204 pass in quick on ix0 inet proto tcp from any to any port = https flags S/SA keep state (if-bound) label "id=1775472735" label "tags=user_rule" label "descr=Allow HTTPs to everywhere" ridentifier 1775472735
  [ Evaluations: 23576     Packets: 291       Bytes: 87899       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@205 pass in quick on ix0 inet proto tcp from <OPT1__NETWORK:1> to 192.168.160.7 port = smtp flags S/SA keep state (if-bound) label "id=1775472787" label "tags=user_rule" label "descr=allow Mail 25" ridentifier 1775472787
  [ Evaluations: 23559     Packets: 36        Bytes: 9663        States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@206 block drop in quick on ix0 inet all label "id=1775472897" label "tags=user_rule" label "descr=DROP REST SFBACKUP" ridentifier 1775472897
  [ Evaluations: 50227     Packets: 50227     Bytes: 6575422     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:16:23 2026 ]
@207 block drop in quick on ix0 inet6 all label "id=1775472897" label "tags=user_rule" label "descr=DROP REST SFBACKUP" ridentifier 1775472897
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@208 block drop in log quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to 193.97.129.89 port = openvpn label "id=1672825284" label "tags=user_rule" label "descr=Block intern OpenVPN Clients USER*PW+CertFile_Yubi" ridentifier 1672825284
  [ Evaluations: 803491    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@209 block drop in log quick on lagg0.4080 inet proto udp from <OPT7__NETWORK:1> to 193.97.129.89 port = openvpn label "id=1672825284" label "tags=user_rule" label "descr=Block intern OpenVPN Clients USER*PW+CertFile_Yubi" ridentifier 1672825284
  [ Evaluations: 120550    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@210 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to 192.168.129.119 port = domain flags S/SA keep state (if-bound) label "id=1664882077" label "tags=user_rule" label "descr=dns anfragen erlauben iDMZ" ridentifier 1664882077
  [ Evaluations: 503732    Packets: 2598      Bytes: 286757      States: 1     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 9     ]
  [ Last Active Time: Wed Apr  8 13:16:09 2026 ]
@211 pass in quick on lagg0.4080 inet proto udp from <OPT7__NETWORK:1> to 192.168.129.119 port = domain keep state (if-bound) label "id=1664882077" label "tags=user_rule" label "descr=dns anfragen erlauben iDMZ" ridentifier 1664882077
  [ Evaluations: 120550    Packets: 260788    Bytes: 35409786    States: 19    ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 1511  ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@212 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.1 to <sfi_texas:1> port = ssh flags S/SA keep state (if-bound) label "id=1664881581" label "tags=user_rule" label "descr=FEBx9 allow sfi-smb4ext ssh zu sfi-texas" ridentifier 1664881581
  [ Evaluations: 425876    Packets: 11065     Bytes: 11522224    States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@213 pass in quick on lagg0.4080 inet proto icmp from <IPiDMZatSFAllowedtoSchmalz:2> to <IPATSchmalzAllowedFromSF:7> icmp-type echoreq keep state (if-bound) label "id=1752505351" label "tags=user_rule" label "descr=allow PING from allowed SF to Allowed Schmalz" ridentifier 1752505351
  [ Evaluations: 425874    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@214 block drop in quick on lagg0.4080 inet proto icmp from any to <IPATSchmalzAllowedFromSF:7> icmp-type echoreq label "id=1752649573" label "tags=user_rule" label "descr=Block PING from not allowed SF to allowed Schmalz" ridentifier 1752649573
  [ Evaluations: 63        Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@215 pass in quick on lagg0.4080 inet proto icmp from <OPT7__NETWORK:1> to any icmp-type echoreq keep state (if-bound) label "id=1664886019" label "tags=user_rule" label "descr=allow PING from iDMZ to Everywhere" ridentifier 1664886019
  [ Evaluations: 63        Packets: 2694      Bytes: 263340      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 1     ]
  [ Last Active Time: Wed Apr  8 12:20:21 2026 ]
@216 pass in quick on lagg0.4080 inet proto tcp from <IPiDMZatSFAllowedtoSchmalz:2> to <IPATSchmalzAllowedFromSF:7> port = ms-wbt-server flags S/SA keep state (if-bound) label "id=1752650016" label "tags=user_rule" label "descr=allow RDP from allowed SF to allowed Schmalz" ridentifier 1752650016
  [ Evaluations: 425811    Packets: 43581     Bytes: 4000275     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@217 block drop in quick on lagg0.4080 inet proto tcp from any to <IPATSchmalzAllowedFromSF:7> port = ms-wbt-server flags S/SA label "id=1752650077" label "tags=user_rule" label "descr=Block RDP from not allowed SF to allowed Schmalz" ridentifier 1752650077
  [ Evaluations: 350668    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@218 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.1 to <sfi_texas:1> port = sunrpc flags S/SA keep state (if-bound) label "id=1664881659" label "tags=user_rule" label "descr=FEBx9 allow sfi-smb4ext NFS zu sfi-texas" ridentifier 1664881659
  [ Evaluations: 382895    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@219 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.1 to <sfi_texas:1> port = nfsd flags S/SA keep state (if-bound) label "id=1664881731" label "tags=user_rule" label "descr=FEBx9 allow sfi-smb4ext  NFSv4 zu sfi-texas" ridentifier 1664881731
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@220 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.13 to 192.168.130.216 flags S/SA keep state (if-bound) label "id=1664882298" label "tags=user_rule" label "descr=allow all from sf-sap-wt1202 to navigate from iDMZ" ridentifier 1664882298
  [ Evaluations: 382895    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@221 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.13 to 192.168.160.16 port = 7788 flags S/SA keep state (if-bound) label "id=1664882764" label "tags=user_rule" label "descr=allow sf-sap-wt1202 zu creolic" ridentifier 1664882764
  [ Evaluations: 10639     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@222 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.13 to 192.168.160.16 port = 49247 flags S/SA keep state (if-bound) label "id=1664882709" label "tags=user_rule" label "descr=allow sf-sap-wt1202 zu creolic" ridentifier 1664882709
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@223 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.19 to 192.168.129.59 port = 8081 flags S/SA keep state (if-bound) label "id=1664882121" label "tags=user_rule" label "descr=allow from sf-sap-wt102 to ep-wtpot-w7 8081" ridentifier 1664882121
  [ Evaluations: 382895    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@224 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.31 to 192.168.160.1 port = microsoft-ds flags S/SA keep state (if-bound) label "id=1690290771" label "tags=user_rule" label "descr=FEBx10 allow twx-lz-test CIFS zu sfi-samba4" ridentifier 1690290771
  [ Evaluations: 382895    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@225 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.42 to 192.168.130.133 port 26999 >< 27010 flags S/SA keep state (if-bound) label "id=1664882567" label "tags=user_rule" label "descr=PTCLizMgr von lorenz-integ zu sf-integ-prod Port 1" ridentifier 1664882567
  [ Evaluations: 382895    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@226 pass in quick on lagg0.4080 inet proto udp from 192.168.1.42 to 192.168.130.133 port 26999 >< 27010 keep state (if-bound) label "id=1664882567" label "tags=user_rule" label "descr=PTCLizMgr von lorenz-integ zu sf-integ-prod Port 1" ridentifier 1664882567
  [ Evaluations: 42913     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@227 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.42 to 192.168.130.133 port = 41978 flags S/SA keep state (if-bound) label "id=1664882665" label "tags=user_rule" label "descr=PTCLizMgr von lorenz-integ zu sf-integ-prod Port 2" ridentifier 1664882665
  [ Evaluations: 1161      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@228 pass in quick on lagg0.4080 inet proto udp from 192.168.1.42 to 192.168.130.133 port = 41978 keep state (if-bound) label "id=1664882665" label "tags=user_rule" label "descr=PTCLizMgr von lorenz-integ zu sf-integ-prod Port 2" ridentifier 1664882665
  [ Evaluations: 1161      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@229 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.64 to 192.168.130.187 port = ssh flags S/SA keep state (if-bound) label "id=1664883867" label "tags=user_rule" label "descr=allow ssh from lorenz-clientwin7 to lorenz-s4p-dev" ridentifier 1664883867
  [ Evaluations: 425808    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@230 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.64 to 192.168.130.185 port = 8443 flags S/SA keep state (if-bound) label "id=1664883992" label "tags=user_rule" label "descr=Tomcat von lorenz-clientw7 zu lorenz-twx-dev Port" ridentifier 1664883992
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@231 pass in quick on lagg0.4080 inet proto udp from 192.168.1.64 to 192.168.130.185 port = 8443 keep state (if-bound) label "id=1664883992" label "tags=user_rule" label "descr=Tomcat von lorenz-clientw7 zu lorenz-twx-dev Port" ridentifier 1664883992
  [ Evaluations: 42913     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@232 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.66 to <sfi_nas:1> port = sunrpc flags S/SA keep state (if-bound) label "id=1664884066" label "tags=user_rule" label "descr=FEBx7 allow sfi-svn03 NFS zu sfi-nas" ridentifier 1664884066
  [ Evaluations: 425808    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@233 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.66 to <sfi_nas:1> port = cryptoadmin flags S/SA keep state (if-bound) label "id=1664884129" label "tags=user_rule" label "descr=FEBx7 allow sfi-svn03 NFS zu sfi-nas" ridentifier 1664884129
  [ Evaluations: 2         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@234 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.66 to <sfi_nas:1> port = nfsd flags S/SA keep state (if-bound) label "id=1664884210" label "tags=user_rule" label "descr=FEBx7 allow sfi-svn03 NFS zu sfi-nas" ridentifier 1664884210
  [ Evaluations: 2         Packets: 42        Bytes: 2664        States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@235 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.100 to 192.168.160.201 port = sunrpc flags S/SA keep state (if-bound) label "id=1752219903" label "tags=user_rule" label "descr=FEBx9 allow prox-idmz-01 NFS zu QNAP" ridentifier 1752219903
  [ Evaluations: 382893    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@236 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.100 to 192.168.1.1 port = ldap flags S/SA keep state (if-bound) label "id=1764064145" label "tags=user_rule" label "descr=FEBx9 allow prox-idmz-01 LDAP to extern1" ridentifier 1764064145
  [ Evaluations: 104584    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@237 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.100 to 192.168.1.1 port = ldaps flags S/SA keep state (if-bound) label "id=1764064238" label "tags=user_rule" label "descr=FEBx9 allow prox-idmz-01 LDAPs to extern1" ridentifier 1764064238
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@238 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.100 to 192.168.160.201 port = nfsd flags S/SA keep state (if-bound) label "id=1752219944" label "tags=user_rule" label "descr=FEBx9 allow prox-idmz-01 NFS zu QNAP" ridentifier 1752219944
  [ Evaluations: 104584    Packets: 804       Bytes: 65724       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@239 pass in quick on lagg0.4080 inet proto tcp from <sf_sprung_CAD_kisten:2> to 5.102.189.15 port = openvpn flags S/SA keep state (if-bound) label "id=1701434150" label "tags=user_rule" label "descr=Allow VPN from sf-sprung-cadx to trevit talis" ridentifier 1701434150
  [ Evaluations: 382704    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@240 pass in quick on lagg0.4080 inet proto udp from <sf_sprung_CAD_kisten:2> to 5.102.189.15 port = openvpn keep state (if-bound) label "id=1701434150" label "tags=user_rule" label "descr=Allow VPN from sf-sprung-cadx to trevit talis" ridentifier 1701434150
  [ Evaluations: 42913     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@241 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.160 to 192.168.130.133 flags S/SA keep state (if-bound) label "id=1727702861" label "tags=user_rule" label "descr=PTCLizMgr von sf-rvs-125 zu sf-integ-prod Port 2" ridentifier 1727702861
  [ Evaluations: 425617    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@242 pass in quick on lagg0.4080 inet proto udp from 192.168.1.160 to 192.168.130.133 keep state (if-bound) label "id=1727702861" label "tags=user_rule" label "descr=PTCLizMgr von sf-rvs-125 zu sf-integ-prod Port 2" ridentifier 1727702861
  [ Evaluations: 42913     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@243 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.160 to 192.168.130.136 flags S/SA keep state (if-bound) label "id=1727699611" label "tags=user_rule" label "descr=PTCLizMgr von sf-rvs-125 zu sf-integ-data Port 2" ridentifier 1727699611
  [ Evaluations: 11261     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@244 pass in quick on lagg0.4080 inet proto udp from 192.168.1.160 to 192.168.130.136 keep state (if-bound) label "id=1727699611" label "tags=user_rule" label "descr=PTCLizMgr von sf-rvs-125 zu sf-integ-data Port 2" ridentifier 1727699611
  [ Evaluations: 1233      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@245 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.160 to 192.168.160.1 port = ldap flags S/SA keep state (if-bound) label "id=1727700207" label "tags=user_rule" label "descr=LPAP von sf-rvs-125 zu 192.168.160.1" ridentifier 1727700207
  [ Evaluations: 11261     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@246 pass in quick on lagg0.4080 inet proto udp from 192.168.1.160 to 192.168.160.1 port = ldap keep state (if-bound) label "id=1727700207" label "tags=user_rule" label "descr=LPAP von sf-rvs-125 zu 192.168.160.1" ridentifier 1727700207
  [ Evaluations: 1233      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@247 pass in quick on lagg0.4080 inet proto udp from <sf_sprung_se_Kisten:6> to any port = domain keep state (if-bound) label "id=1666774833" label "tags=user_rule" label "descr=Allow Barracuda VPN UDP from sf_sprung_se_Kisten" ridentifier 1666774833
  [ Evaluations: 424456    Packets: 8         Bytes: 656         States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@248 pass in quick on lagg0.4080 inet proto udp from <sf_sprung_se_Kisten:6> to any port = ntp keep state (if-bound) label "id=1666774833" label "tags=user_rule" label "descr=Allow Barracuda VPN UDP from sf_sprung_se_Kisten" ridentifier 1666774833
  [ Evaluations: 4077      Packets: 160       Bytes: 12160       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 2     ]
  [ Last Active Time: Wed Apr  8 13:10:10 2026 ]
@249 pass in quick on lagg0.4080 inet proto udp from <sf_sprung_se_Kisten:6> to any port = isakmp keep state (if-bound) label "id=1666774833" label "tags=user_rule" label "descr=Allow Barracuda VPN UDP from sf_sprung_se_Kisten" ridentifier 1666774833
  [ Evaluations: 3998      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@250 pass in quick on lagg0.4080 inet proto udp from <sf_sprung_se_Kisten:6> to any port = ipsec-nat-t keep state (if-bound) label "id=1666774833" label "tags=user_rule" label "descr=Allow Barracuda VPN UDP from sf_sprung_se_Kisten" ridentifier 1666774833
  [ Evaluations: 3998      Packets: 360971    Bytes: 235870864   States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@251 pass in quick on lagg0.4080 inet proto udp from <sf_sprung_se_Kisten:6> to any port = msexch-routing keep state (if-bound) label "id=1666774833" label "tags=user_rule" label "descr=Allow Barracuda VPN UDP from sf_sprung_se_Kisten" ridentifier 1666774833
  [ Evaluations: 3991      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@252 pass in quick on lagg0.4080 inet proto udp from <sf_sprung_se_Kisten:6> to any port = hyperwave-isp keep state (if-bound) label "id=1666774833" label "tags=user_rule" label "descr=Allow Barracuda VPN UDP from sf_sprung_se_Kisten" ridentifier 1666774833
  [ Evaluations: 3991      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@253 pass in quick on lagg0.4080 inet proto tcp from <sf_sprung_se_Kisten:6> to any port = ssh flags S/SA keep state (if-bound) label "id=1666774783" label "tags=user_rule" label "descr=Allow Barracuda VPN TCP fromsf_sprung_se_Kisten" ridentifier 1666774783
  [ Evaluations: 387856    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@254 pass in quick on lagg0.4080 inet proto tcp from <sf_sprung_se_Kisten:6> to any port = smtp flags S/SA keep state (if-bound) label "id=1666774783" label "tags=user_rule" label "descr=Allow Barracuda VPN TCP fromsf_sprung_se_Kisten" ridentifier 1666774783
  [ Evaluations: 82171     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@255 pass in quick on lagg0.4080 inet proto tcp from <sf_sprung_se_Kisten:6> to any port = domain flags S/SA keep state (if-bound) label "id=1666774783" label "tags=user_rule" label "descr=Allow Barracuda VPN TCP fromsf_sprung_se_Kisten" ridentifier 1666774783
  [ Evaluations: 82171     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@256 pass in quick on lagg0.4080 inet proto tcp from <sf_sprung_se_Kisten:6> to any port = http flags S/SA keep state (if-bound) label "id=1666774783" label "tags=user_rule" label "descr=Allow Barracuda VPN TCP fromsf_sprung_se_Kisten" ridentifier 1666774783
  [ Evaluations: 82171     Packets: 459182    Bytes: 565376003   States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 38    ]
  [ Last Active Time: Wed Apr  8 13:05:49 2026 ]
@257 pass in quick on lagg0.4080 inet proto tcp from <sf_sprung_se_Kisten:6> to any port = https flags S/SA keep state (if-bound) label "id=1666774783" label "tags=user_rule" label "descr=Allow Barracuda VPN TCP fromsf_sprung_se_Kisten" ridentifier 1666774783
  [ Evaluations: 81102     Packets: 218811    Bytes: 95095656    States: 5     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 138   ]
  [ Last Active Time: Wed Apr  8 13:14:19 2026 ]
@258 pass in quick on lagg0.4080 inet proto tcp from <sf_sprung_se_Kisten:6> to any port = pptp flags S/SA keep state (if-bound) label "id=1666774783" label "tags=user_rule" label "descr=Allow Barracuda VPN TCP fromsf_sprung_se_Kisten" ridentifier 1666774783
  [ Evaluations: 74087     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@259 pass in quick on lagg0.4080 inet proto tcp from <sf_sprung_se_Kisten:6> to any port = 8000 flags S/SA keep state (if-bound) label "id=1666774783" label "tags=user_rule" label "descr=Allow Barracuda VPN TCP fromsf_sprung_se_Kisten" ridentifier 1666774783
  [ Evaluations: 74087     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@260 pass in quick on lagg0.4080 inet proto tcp from <sf_sprung_se_Kisten:6> to any port = 8443 flags S/SA keep state (if-bound) label "id=1666774783" label "tags=user_rule" label "descr=Allow Barracuda VPN TCP fromsf_sprung_se_Kisten" ridentifier 1666774783
  [ Evaluations: 74087     Packets: 53899     Bytes: 5656663     States: 3     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 75    ]
  [ Last Active Time: Wed Apr  8 13:15:59 2026 ]
@261 pass in quick on lagg0.4080 inet proto tcp from <sf_sprung_se_Kisten:6> to any port = msexch-routing flags S/SA keep state (if-bound) label "id=1666774783" label "tags=user_rule" label "descr=Allow Barracuda VPN TCP fromsf_sprung_se_Kisten" ridentifier 1666774783
  [ Evaluations: 70919     Packets: 2803      Bytes: 576614      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@262 pass in quick on lagg0.4080 inet proto tcp from <sf_sprung_se_Kisten:6> to any port = hyperwave-isp flags S/SA keep state (if-bound) label "id=1666774783" label "tags=user_rule" label "descr=Allow Barracuda VPN TCP fromsf_sprung_se_Kisten" ridentifier 1666774783
  [ Evaluations: 70917     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@263 pass in quick on lagg0.4080 inet proto gre from <sf_sprung_se_Kisten:6> to any keep state (if-bound) label "id=1666775189" label "tags=user_rule" label "descr=Allow Barracuda VPN GRE from sf_sprung_se_Kisten" ridentifier 1666775189
  [ Evaluations: 76069     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@264 pass in quick on lagg0.4080 inet proto esp from <sf_sprung_se_Kisten:6> to any keep state (if-bound) label "id=1664884661" label "tags=user_rule" label "descr=L2TP ESP from sfi-sprung-w10" ridentifier 1664884661
  [ Evaluations: 76069     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@265 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.100 to <sfi_texas:1> port = ssh flags S/SA keep state (if-bound) label "id=1664884755" label "tags=user_rule" label "descr=FEBx10 allow proxmox-idmz-01 ssh zu sfi-texas" ridentifier 1664884755
  [ Evaluations: 414273    Packets: 2195      Bytes: 2228482     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@266 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.100 to <sfi_texas:1> port = sunrpc flags S/SA keep state (if-bound) label "id=1664884808" label "tags=user_rule" label "descr=FEBx10 allow proxmox-idmz-01 NFS zu sfi-texas" ridentifier 1664884808
  [ Evaluations: 10        Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@267 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.100 to <sfi_texas:1> port = cryptoadmin flags S/SA keep state (if-bound) label "id=1664885040" label "tags=user_rule" label "descr=FEBx10 allow proxmox-idmz-01 NFS zu sfi-texas" ridentifier 1664885040
  [ Evaluations: 10        Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@268 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.100 to <sfi_texas:1> port = nfsd flags S/SA keep state (if-bound) label "id=1664885086" label "tags=user_rule" label "descr=FEBx10 allow proxmox-idmz-01 NFSv4 zu sfi-texas" ridentifier 1664885086
  [ Evaluations: 10        Packets: 373       Bytes: 62316       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@269 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.100 to <Prox_Backup:1> port = 8007 flags S/SA keep state (if-bound) label "id=1664885139" label "tags=user_rule" label "descr=FEBx10 allow proxmox-idmz-01 zu proxmox-backup" ridentifier 1664885139
  [ Evaluations: 104388    Packets: 283587593  Bytes: 393831675739  States: 60    ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 2280  ]
  [ Last Active Time: Wed Apr  8 13:16:19 2026 ]
@270 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.125 to 192.168.130.136 port = 27000 flags S/SA keep state (if-bound) label "id=1664883171" label "tags=user_rule" label "descr=PTCLizMgr von itq-rvs zu sf-integ-prod Port 1" ridentifier 1664883171
  [ Evaluations: 267091    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@271 pass in quick on lagg0.4080 inet proto udp from 192.168.1.125 to 192.168.130.136 port = 27000 keep state (if-bound) label "id=1664883171" label "tags=user_rule" label "descr=PTCLizMgr von itq-rvs zu sf-integ-prod Port 1" ridentifier 1664883171
  [ Evaluations: 42823     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@272 pass in quick on lagg0.4080 inet proto tcp from 192.168.1.125 to 192.168.130.136 port = 49178 flags S/SA keep state (if-bound) label "id=1664883813" label "tags=user_rule" label "descr=PTCLizMgr von itq-rvs zu sf-integ-data Port 2" ridentifier 1664883813
  [ Evaluations: 1161      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@273 pass in quick on lagg0.4080 inet proto udp from 192.168.1.125 to 192.168.130.136 port = 49178 keep state (if-bound) label "id=1664883813" label "tags=user_rule" label "descr=PTCLizMgr von itq-rvs zu sf-integ-data Port 2" ridentifier 1664883813
  [ Evaluations: 1161      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@274 pass in quick on lagg0.4080 inet proto tcp from any to any port = 1688 flags S/SA keep state (if-bound) label "id=1696409220" label "tags=user_rule" label "descr=Office/Windows Activation Server KMS" ridentifier 1696409220
  [ Evaluations: 309914    Packets: 12        Bytes: 1492        States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@275 pass in quick on lagg0.4080 inet proto udp from any to any port = 1688 keep state (if-bound) label "id=1696409220" label "tags=user_rule" label "descr=Office/Windows Activation Server KMS" ridentifier 1696409220
  [ Evaluations: 43650     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@276 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to <LAN__NETWORK:1> port = ftp flags S/SA keep state (if-bound) label "id=1664885252" label "tags=user_rule" label "descr=allow FTP from iDMZ to LAN" ridentifier 1664885252
  [ Evaluations: 309913    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@277 pass in quick on lagg0.4080 inet proto udp from <OPT7__NETWORK:1> to <LAN__NETWORK:1> port = ftp keep state (if-bound) label "id=1664885252" label "tags=user_rule" label "descr=allow FTP from iDMZ to LAN" ridentifier 1664885252
  [ Evaluations: 42958     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@278 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to 192.168.129.28 port 9100 >< 9104 flags S/SA keep state (if-bound) label "id=1664885879" label "tags=user_rule" label "descr=iDMZ Net to Bacula" ridentifier 1664885879
  [ Evaluations: 309907    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@279 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to <OPSISrv:1> port = netbios-ssn flags S/SA keep state (if-bound) label "id=1664885641" label "tags=user_rule" label "descr=allow OPSI 139" ridentifier 1664885641
  [ Evaluations: 267084    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@280 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to <OPSISrv:1> port = microsoft-ds flags S/SA keep state (if-bound) label "id=1664885595" label "tags=user_rule" label "descr=allow OPSI 445" ridentifier 1664885595
  [ Evaluations: 114       Packets: 291       Bytes: 44499       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@281 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to <OPSISrv:1> port = 4447 flags S/SA keep state (if-bound) label "id=1664885688" label "tags=user_rule" label "descr=allow OPSI 4447" ridentifier 1664885688
  [ Evaluations: 110       Packets: 2071      Bytes: 673649      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@282 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to <OPSISrv:1> port = 4441 flags S/SA keep state (if-bound) label "id=1664885551" label "tags=user_rule" label "descr=allow OPSI 4441" ridentifier 1664885551
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@283 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to 192.168.130.136 port = microsoft-ds flags S/SA keep state (if-bound) label "id=1664885407" label "tags=user_rule" label "descr=allow shares from 130.136 Port 1 von 2" ridentifier 1664885407
  [ Evaluations: 266970    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@284 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to 192.168.130.136 port = ms-sql-s flags S/SA keep state (if-bound) label "id=1664885458" label "tags=user_rule" label "descr=allow SQL Database on sf-integ-data" ridentifier 1664885458
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@285 pass in quick on lagg0.4080 inet proto udp from <OPT7__NETWORK:1> to 192.168.160.1 port = ntp keep state (if-bound) label "id=1664885355" label "tags=user_rule" label "descr=ntp anfragen von intDMZ erlauben" ridentifier 1664885355
  [ Evaluations: 309793    Packets: 1578      Bytes: 119928      States: 1     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 16    ]
  [ Last Active Time: Wed Apr  8 13:16:14 2026 ]
@286 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to 192.168.160.2 port = 7074 flags S/SA keep state (if-bound) label "id=1664885738" label "tags=user_rule" label "descr=SV AV Konsole transfer" ridentifier 1664885738
  [ Evaluations: 309004    Packets: 16275483  Bytes: 22352747912  States: 2     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 303   ]
  [ Last Active Time: Wed Apr  8 13:15:05 2026 ]
@287 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to 192.168.160.2 port = http-alt flags S/SA keep state (if-bound) label "id=1664885786" label "tags=user_rule" label "descr=SV AV Konsole transfer" ridentifier 1664885786
  [ Evaluations: 203236    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@288 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to 192.168.160.2 port = 8443 flags S/SA keep state (if-bound) label "id=1664885829" label "tags=user_rule" label "descr=SV AV Konsole transfer" ridentifier 1664885829
  [ Evaluations: 203236    Packets: 130922    Bytes: 13268779    States: 2     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 162   ]
  [ Last Active Time: Wed Apr  8 13:15:43 2026 ]
@289 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to 192.168.160.7 port = smtp flags S/SA keep state (if-bound) label "id=1664885304" label "tags=user_rule" label "descr=sfidmz darf mailen" ridentifier 1664885304
  [ Evaluations: 244208    Packets: 2208      Bytes: 1210406     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 1     ]
  [ Last Active Time: Wed Apr  8 12:40:42 2026 ]
@290 pass in quick on lagg0.4080 inet proto udp from <OPT7__NETWORK:1> to 192.168.160.7 port = smtp keep state (if-bound) label "id=1664885304" label "tags=user_rule" label "descr=sfidmz darf mailen" ridentifier 1664885304
  [ Evaluations: 42034     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@291 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to 192.168.160.7 port = submission flags S/SA keep state (if-bound) label "id=1763382893" label "tags=user_rule" label "descr=sfidmz darf secure 587 mailen" ridentifier 1763382893
  [ Evaluations: 1161      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@292 pass in quick on lagg0.4080 inet proto udp from <OPT7__NETWORK:1> to 192.168.160.7 port = submission keep state (if-bound) label "id=1763382893" label "tags=user_rule" label "descr=sfidmz darf secure 587 mailen" ridentifier 1763382893
  [ Evaluations: 1161      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@293 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to 192.168.130.136 port = 49206 flags S/SA keep state (if-bound) label "id=1664885925" label "tags=user_rule" label "descr=allow Licence from sf-integ-data" ridentifier 1664885925
  [ Evaluations: 286188    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@294 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to any port = http flags S/SA keep state (if-bound) label "id=1664885966" label "tags=user_rule" label "descr=allow HTTP from iDMZ to Everywhere" ridentifier 1664885966
  [ Evaluations: 244154    Packets: 1394189   Bytes: 1657692860  States: 4     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 50    ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@295 pass in quick on lagg0.4080 inet proto tcp from <OPT7__NETWORK:1> to any port = https flags S/SA keep state (if-bound) label "id=1664886056" label "tags=user_rule" label "descr=allow HTTPs from iDMZ to Everywhere" ridentifier 1664886056
  [ Evaluations: 242032    Packets: 1516593   Bytes: 1346790983  States: 27    ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 302   ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@296 pass in quick on lagg0.4080 inet proto udp from <OPT7__NETWORK:1> to any port = 4501 keep state (if-bound) label "id=1697119520" label "tags=user_rule" label "descr=allow udp Used for IPSec tunnel connections between Gl..." ridentifier 1697119520
  [ Evaluations: 267212    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@297 block drop in log quick on lagg0.4080 inet from <OPT7__NETWORK:1> to <LAN__NETWORK:1> label "id=1664886107" label "tags=user_rule" label "descr=block all iDMZ to LAN" ridentifier 1664886107
  [ Evaluations: 267212    Packets: 216317    Bytes: 11477412    States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@298 block drop in log quick on lagg0.4080 inet6 from <OPT7__NETWORK:1> to <LAN__NETWORK:1> label "id=1664886107" label "tags=user_rule" label "descr=block all iDMZ to LAN" ridentifier 1664886107
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@299 block drop in log quick on lagg0.4080 inet all label "id=1664886171" label "tags=user_rule" label "descr=block all other" ridentifier 1664886171
  [ Evaluations: 50901     Packets: 50901     Bytes: 4872392     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:16:24 2026 ]
@300 block drop in log quick on lagg0.4080 inet6 all label "id=1664886171" label "tags=user_rule" label "descr=block all other" ridentifier 1664886171
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@301 block drop in log quick on lagg0.4081 inet proto tcp from 192.168.128.0/18 to 193.97.129.89 port = openvpn label "id=1672825310" label "tags=user_rule" label "descr=Block intern OpenVPN Clients USER*PW+CertFile_Yubi" ridentifier 1672825310
  [ Evaluations: 272601    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@302 block drop in log quick on lagg0.4081 inet proto udp from 192.168.128.0/18 to 193.97.129.89 port = openvpn label "id=1672825310" label "tags=user_rule" label "descr=Block intern OpenVPN Clients USER*PW+CertFile_Yubi" ridentifier 1672825310
  [ Evaluations: 31899     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@303 pass in quick on lagg0.4081 inet proto tcp from <OPT8__NETWORK:1> to 192.168.129.170 port = netbios-ssn flags S/SA keep state (if-bound) label "id=1672087678" label "tags=user_rule" label "descr=allow OPSI 139" ridentifier 1672087678
  [ Evaluations: 30184     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@304 pass in quick on lagg0.4081 inet proto tcp from <OPT8__NETWORK:1> to 192.168.129.170 port = microsoft-ds flags S/SA keep state (if-bound) label "id=1672087739" label "tags=user_rule" label "descr=allow OPSI 445" ridentifier 1672087739
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@305 pass in quick on lagg0.4081 inet proto tcp from <OPT8__NETWORK:1> to 192.168.129.170 port = 4441 flags S/SA keep state (if-bound) label "id=1672087759" label "tags=user_rule" label "descr=allow OPSI 4441" ridentifier 1672087759
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@306 pass in quick on lagg0.4081 inet proto tcp from <OPT8__NETWORK:1> to 192.168.129.170 port = 4447 flags S/SA keep state (if-bound) label "id=1672087776" label "tags=user_rule" label "descr=allow OPSI 4447" ridentifier 1672087776
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@307 pass in quick on lagg0.4081 inet proto udp from <OPT8__NETWORK:1> to 192.168.160.1 port = ntp keep state (if-bound) label "id=1672915413" label "tags=user_rule" label "descr=ntp anfragen von itmgmt erlauben" ridentifier 1672915413
  [ Evaluations: 31918     Packets: 6726      Bytes: 511176      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 72    ]
  [ Last Active Time: Wed Apr  8 13:15:21 2026 ]
@308 pass in quick on lagg0.4081 inet proto tcp from <OPT8__NETWORK:1> to 192.168.160.7 port = smtp flags S/SA keep state (if-bound) label "id=1672914701" label "tags=user_rule" label "descr=allow Mail 25" ridentifier 1672914701
  [ Evaluations: 28621     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@309 pass in quick on lagg0.4081 inet proto icmp all icmp-type echorep keep state (if-bound) label "id=1665065012" label "tags=user_rule" label "descr=Allow Ping 2 LAN Net" ridentifier 1665065012
  [ Evaluations: 28621     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@310 pass in quick on lagg0.4081 inet proto icmp all icmp-type echoreq keep state (if-bound) label "id=1665065012" label "tags=user_rule" label "descr=Allow Ping 2 LAN Net" ridentifier 1665065012
  [ Evaluations: 3216      Packets: 6432      Bytes: 540288      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 70    ]
  [ Last Active Time: Wed Apr  8 13:13:33 2026 ]
@311 pass in quick on lagg0.4081 inet proto tcp from any to 192.168.129.119 port = domain flags S/SA keep state (if-bound) label "id=1665060355" label "tags=user_rule" label "descr=Allow DNS für jeden" ridentifier 1665060355
  [ Evaluations: 25405     Packets: 20        Bytes: 1016        States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@312 pass in quick on lagg0.4081 inet proto udp from any to 192.168.129.119 port = domain keep state (if-bound) label "id=1665060355" label "tags=user_rule" label "descr=Allow DNS für jeden" ridentifier 1665060355
  [ Evaluations: 25386     Packets: 17794     Bytes: 1634728     States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 109   ]
  [ Last Active Time: Wed Apr  8 13:15:23 2026 ]
@313 pass in quick on lagg0.4081 inet proto tcp from any to any port = http flags S/SA keep state (if-bound) label "id=1665060215" label "tags=user_rule" label "descr=Allow HTTP to everywhere" ridentifier 1665060215
  [ Evaluations: 20360     Packets: 402       Bytes: 342594      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@314 pass in quick on lagg0.4081 inet proto tcp from any to any port = https flags S/SA keep state (if-bound) label "id=1665060229" label "tags=user_rule" label "descr=Allow HTTPs to everywhere" ridentifier 1665060229
  [ Evaluations: 7         Packets: 108       Bytes: 63964       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@315 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <SambaSrv:2> flags S/SA keep state (if-bound) label "id=1665067469" label "tags=user_rule" label "descr=Allow TCP+UPD with SambaSrv" ridentifier 1665067469
  [ Evaluations: 3         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@316 pass in quick on lagg0.4081 inet proto udp from <ITMgmtSrv:1> to <SambaSrv:2> keep state (if-bound) label "id=1665067469" label "tags=user_rule" label "descr=Allow TCP+UPD with SambaSrv" ridentifier 1665067469
  [ Evaluations: 20343     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@317 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = ssh flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@318 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = icap flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@319 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = epmd flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@320 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = amqp flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@321 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = 6150 flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@322 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = 6379 flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@323 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port 7074:7077 flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@324 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = 7081 flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@325 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = 7083 flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@326 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = http-alt flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@327 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = 8443 flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@328 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = 27017 flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@329 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = 32002 flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@330 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = 48652 flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@331 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = ldap flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@332 pass in quick on lagg0.4081 inet proto tcp from <ITMgmtSrv:1> to <AVSrv:1> port = ldaps flags S/SA keep state (if-bound) label "id=1665060942" label "tags=user_rule" label "descr=Allow TCP with AVSrv" ridentifier 1665060942
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@333 pass in quick on lagg0.4081 inet proto tcp from <prox_itmgmt:1> to <sfi_texas:1> port = sunrpc flags S/SA keep state (if-bound) label "id=1766501267" label "tags=user_rule" label "descr=allow sfi-prox_itmgmt NFS zu sfi-texas" ridentifier 1766501267
  [ Evaluations: 20346     Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@334 pass in quick on lagg0.4081 inet proto tcp from <prox_itmgmt:1> to <sfi_texas:1> port = cryptoadmin flags S/SA keep state (if-bound) label "id=1766501299" label "tags=user_rule" label "descr=allow sfi-prox_itmgmt NFS zu sfi-texas" ridentifier 1766501299
  [ Evaluations: 3         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@335 pass in quick on lagg0.4081 inet proto tcp from <prox_itmgmt:1> to <sfi_texas:1> port = nfsd flags S/SA keep state (if-bound) label "id=1766501365" label "tags=user_rule" label "descr=FEBx9 allow prox_itmgmt NFSv4 zu sfi-texas" ridentifier 1766501365
  [ Evaluations: 3         Packets: 243       Bytes: 48884       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@336 block drop in quick on lagg0.4081 inet all label "id=1665411959" label "tags=user_rule" label "descr=block all other" ridentifier 1665411959
  [ Evaluations: 20345     Packets: 20345     Bytes: 10426115    States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 13:16:22 2026 ]
@337 block drop in quick on lagg0.4081 inet6 all label "id=1665411959" label "tags=user_rule" label "descr=block all other" ridentifier 1665411959
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@338 block drop in log quick on lagg0.4082 inet proto tcp from 192.168.128.0/18 to 193.97.129.89 port = openvpn label "id=1736784392" label "tags=user_rule" label "descr=Block intern OpenVPN Clients USER*PW+CertFile_Yubi" ridentifier 1736784392
  [ Evaluations: 233479    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@339 block drop in log quick on lagg0.4082 inet proto udp from 192.168.128.0/18 to 193.97.129.89 port = openvpn label "id=1736784392" label "tags=user_rule" label "descr=Block intern OpenVPN Clients USER*PW+CertFile_Yubi" ridentifier 1736784392
  [ Evaluations: 126718    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@340 pass in quick on lagg0.4082 inet all flags S/SA keep state (if-bound) label "id=1734893296" label "tags=user_rule" label "descr=Test mer mal" ridentifier 1734893296
  [ Evaluations: 222589    Packets: 29345745  Bytes: 28554269908  States: 115   ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 4993  ]
  [ Last Active Time: Wed Apr  8 13:16:26 2026 ]
@341 pass in quick on lagg0.4082 inet6 all flags S/SA keep state (if-bound) label "id=1734893296" label "tags=user_rule" label "descr=Test mer mal" ridentifier 1734893296
  [ Evaluations: 372       Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@342 block drop in quick on lagg0.4082 inet all label "id=1734941732" label "tags=user_rule" label "descr=Test mer mal" ridentifier 1734941732
  [ Evaluations: 372       Packets: 372       Bytes: 33247       States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: Wed Apr  8 12:15:12 2026 ]
@343 block drop in quick on lagg0.4082 inet6 all label "id=1734941732" label "tags=user_rule" label "descr=Test mer mal" ridentifier 1734941732
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@344 pass in quick on lagg0.4084 inet proto tcp from <OPT11__NETWORK:1> to 192.168.129.119 port = domain flags S/SA keep state (if-bound) label "id=1765903838" label "tags=user_rule" label "descr=allow DNS to SF from EOLSRV Netz" ridentifier 1765903838
  [ Evaluations: 6682      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@345 pass in quick on lagg0.4084 inet proto udp from <OPT11__NETWORK:1> to 192.168.129.119 port = domain keep state (if-bound) label "id=1765903838" label "tags=user_rule" label "descr=allow DNS to SF from EOLSRV Netz" ridentifier 1765903838
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@346 pass in quick on lagg0.4084 inet proto udp from <OPT11__NETWORK:1> to 192.168.160.1 port = ntp keep state (if-bound) label "id=1765903879" label "tags=user_rule" label "descr=allow NTP to sfi-samba4 from EOLSrv Netz" ridentifier 1765903879
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@347 pass in quick on lagg0.4084 inet proto tcp from 192.168.4.101 to 192.168.160.1 port = ldap flags S/SA keep state (if-bound) label "id=1769004244" label "tags=user_rule" label "descr=FEBx9 allow proxeolSrv LDAP t" ridentifier 1769004244
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@348 pass in quick on lagg0.4084 inet proto tcp from 192.168.4.101 to 192.168.160.11 port = ldap flags S/SA keep state (if-bound) label "id=1769004316" label "tags=user_rule" label "descr=FEBx9 allow proxeolSrv LDAP t" ridentifier 1769004316
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@349 pass in quick on lagg0.4084 inet proto tcp from 192.168.4.101 to <sfi_texas:1> port = sunrpc flags S/SA keep state (if-bound) label "id=1768921232" label "tags=user_rule" label "descr=allow prox-eolsrv NFS zu sfi-texas" ridentifier 1768921232
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@350 pass in quick on lagg0.4084 inet proto tcp from 192.168.4.101 to <sfi_texas:1> port = nfsd flags S/SA keep state (if-bound) label "id=1768921248" label "tags=user_rule" label "descr=FEBx9 allow prox-eolsrv NFSv4 zu sfi-texas" ridentifier 1768921248
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@351 pass in quick on lagg0.4084 inet proto tcp from <OPT11__NETWORK:1> to any port = http flags S/SA keep state (if-bound) label "id=1765903932" label "tags=user_rule" label "descr=allow HTTP to SF from EOLSrv Netz (auch apt)" ridentifier 1765903932
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@352 pass in quick on lagg0.4084 inet proto tcp from <OPT11__NETWORK:1> to any port = https flags S/SA keep state (if-bound) label "id=1765903956" label "tags=user_rule" label "descr=allow HTTPs to SF from EOLSrv Netz" ridentifier 1765903956
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@353 pass in quick on lagg0.4084 inet proto icmp from <OPT11__NETWORK:1> to any icmp-type echorep keep state (if-bound) label "id=1765904066" label "tags=user_rule" label "descr=Allow Ping from EOLSrv Net" ridentifier 1765904066
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@354 pass in quick on lagg0.4084 inet proto icmp from <OPT11__NETWORK:1> to any icmp-type echoreq keep state (if-bound) label "id=1765904066" label "tags=user_rule" label "descr=Allow Ping from EOLSrv Net" ridentifier 1765904066
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@355 block drop in quick on lagg0.4084 inet proto tcp all flags S/SA label "id=1768920686" label "tags=user_rule" label "descr=block everything else" ridentifier 1768920686
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@356 pass out route-to (lagg0.4090 193.97.129.90) inet proto udp from (self:17) to 185.169.78.2 port = isakmp keep state (if-bound) label "descr=IPsec: Site-to-site IPsec to Schmalz Phase - outbound ..." ridentifier 1000110451
  [ Evaluations: 1581693   Packets: 2         Bytes: 696         States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@357 pass in on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from 185.169.78.2 to (self:17) port = isakmp keep state (if-bound) label "descr=IPsec: Site-to-site IPsec to Schmalz Phase - inbound i..." ridentifier 1000110452
  [ Evaluations: 854765    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@358 pass out route-to (lagg0.4090 193.97.129.90) inet proto udp from (self:17) to 185.169.78.2 port = ipsec-nat-t keep state (if-bound) label "descr=IPsec: Site-to-site IPsec to Schmalz Phase - outbound ..." ridentifier 1000110453
  [ Evaluations: 854772    Packets: 1194      Bytes: 143096      States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@359 pass in on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto udp from 185.169.78.2 to (self:17) port = ipsec-nat-t keep state (if-bound) label "descr=IPsec: Site-to-site IPsec to Schmalz Phase - inbound n..." ridentifier 1000110454
  [ Evaluations: 854765    Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@360 pass out route-to (lagg0.4090 193.97.129.90) inet proto esp from (self:17) to 185.169.78.2 keep state (if-bound) label "descr=IPsec: Site-to-site IPsec to Schmalz Phase - outbound ..." ridentifier 1000110455
  [ Evaluations: 1581693   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@361 pass in on lagg0.4090 reply-to (lagg0.4090 193.97.129.90) inet proto esp from 185.169.78.2 to (self:17) keep state (if-bound) label "descr=IPsec: Site-to-site IPsec to Schmalz Phase - inbound e..." ridentifier 1000110456
  [ Evaluations: 3589      Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
@362 anchor "tftp-proxy/*" all
  [ Evaluations: 1581693   Packets: 0         Bytes: 0           States: 0     ]
  [ Source Nodes: 0      Limit: 0      NAT/RDR: 0      Route: 0      ]
  [ Inserted: uid 0 pid 0 State Creations: 0     ]
  [ Last Active Time: N/A ]
