# Put passthrough rules on top, drop rules on bottom, rules are applied in order (top down)
rules:
  - match: udp dst port 53
    type: passthrough
  - match: tcp dst port 21
    type: conn_handler
    target: ftp
  - match: tcp dst port 23 or port 2323 or port 23231
    type: conn_handler
    target: telnet
  - match: tcp dst port 25
    type: conn_handler
    target: smtp
  - match: tcp dst port 445
    type: conn_handler
    target: smb
  - match: tcp dst port 3389
    type: conn_handler
    target: rdp
  - match: tcp dst port 5060
    type: conn_handler
    target: sip
  - match: tcp
    type: conn_handler
    target: default
  - match: 
    type: drop