add switch l3filter match=protocol,tcpsyn,tcpack import=true
add switch l3filter=1 entry iport=1 protocol=tcp tcpsyn=true tcpack=false action=deny
add switch l3filter match=protocol import=true
add switch l3filter=2 entry iport=1 protocol=udp action=deny
add switch l3filter match=dipaddr,protocol,tcpsyn,tcpack,tcpdport dclass=host import=true
add switch l3filter=3 entry iport=1 dipaddr=192.168.1.1 protocol=tcp tcpsyn=true tcpack=false tcpdport=22 action=nodrop
add switch l3filter=3 entry iport=1 dipaddr=192.168.1.1 protocol=tcp tcpsyn=true tcpack=false tcpdport=25 action=nodrop
add switch l3filter=3 entry iport=1 dipaddr=192.168.1.1 protocol=tcp tcpsyn=true tcpack=false tcpdport=80 action=nodrop
add switch l3filter match=dipaddr,protocol,udpdport dclass=host import=true
add switch l3filter=4 entry iport=1 dipaddr=192.168.1.1 protocol=udp udpdport=53 action=nodrop
add switch l3filter match=sipaddr,dipaddr,protocol,tcpsyn,tcpack,tcpdport sclass=24 dclass=24 import=true
add switch l3filter=5 entry iport=1 sipaddr=192.168.60.0 dipaddr=192.168.1.0 protocol=tcp tcpsyn=true tcpack=false tcpdport=6000 action=nodrop
add switch l3filter=5 entry iport=1 sipaddr=192.168.100.0 dipaddr=192.168.1.0 protocol=tcp tcpsyn=true tcpack=false tcpdport=6000 action=nodrop
add switch l3filter match=sipaddr,dipaddr,protocol,udpsport sclass=16 dclass=24 import=true
add switch l3filter=6 entry iport=1 sipaddr=192.168.0.0 dipaddr=192.168.1.0 protocol=udp udpsport=53 action=nodrop
add switch l3filter=6 entry iport=1 sipaddr=192.168.0.0 dipaddr=192.168.1.0 protocol=udp udpsport=123 action=nodrop