#define	BAR	foo
#define	foo	10.1.1.1
#define	bar	10.1.1.254
#if defined(__cisco__)
interface ethernet0
access-list 101
#endif
#if defined(__ipfilter__) || defined(__ipfirewall__)
interface le0
#endif
#if defined(__ipfw__) || defined(__ipfwadm__)
interface 10.1.1.1
#endif
policy block in all

if ( in ) then {
	set protocol tcp
	if ( from host BAR and opening ) then {
		block .
	}
	if ( from foo and to host bar ) then {
		log body and block .
	}
	if ( to port 2049 ) then {
		log and block .
	}
	pass .
}
end-policy
policy pass out all
end-policy
