     1	#
     2	# Default PF configuration file.
     3	#
     4	# This file contains the main ruleset, which gets automatically loaded
     5	# at startup.  PF will not be automatically enabled, however.  Instead,
     6	# each component which utilizes PF is responsible for enabling and disabling
     7	# PF via -E and -X as documented in pfctl(8).  That will ensure that PF
     8	# is disabled only when the last enable reference is released.
     9	#
    10	# Care must be taken to ensure that the main ruleset does not get flushed,
    11	# as the nested anchors rely on the anchor point defined here.
    12	#
    13	# See pf.conf(5) for syntax.
    14	#
    15	
    16	#
    17	# com.apple anchor point
    18	#
    19	scrub-anchor "com.apple/*"
    20	nat-anchor "com.apple/*"
    21	rdr-anchor "com.apple/*"
    22	anchor "com.apple/*"
    23	load anchor "com.apple" from "/etc/pf.anchors/com.apple"
