libvirt/tests/nwfilterxml2xmlout/example-2.xml

<filter name='testcase' chain='root'>
  <uuid>01a992d2-f8c8-7c27-f69b-ab0a9d377379</uuid>
  <rule action='accept' direction='out' priority='100'>
    <all state='ESTABLISHED,RELATED' comment='out: existing and related (ftp) connections'/>
  </rule>
  <rule action='accept' direction='in' priority='100'>
    <all state='ESTABLISHED' comment='in: existing connections'/>
  </rule>
  <rule action='accept' direction='in' priority='200'>
    <tcp state='NEW' dstportstart='21' dstportend='22' comment='in: ftp and ssh'/>
  </rule>
  <rule action='accept' direction='in' priority='300'>
    <icmp state='NEW' comment='in: icmp'/>
  </rule>
  <rule action='accept' direction='out' priority='300'>
    <udp state='NEW' dstportstart='53' comment='out: DNS lookups'/>
  </rule>
  <rule action='drop' direction='inout' priority='1000'>
    <all comment='inout: drop all non-accepted traffic'/>
  </rule>
</filter>