diff --git a/src/etc/ipf.rules b/src/etc/ipf.rules
index f74c3fc2..cfc081af 100644
--- a/src/etc/ipf.rules
+++ b/src/etc/ipf.rules
@@ -1,4 +1,4 @@
-# $OpenBSD: ipf.rules,v 1.2 1996/05/26 10:25:24 deraadt Exp $
+# $OpenBSD: ipf.rules,v 1.3 1997/02/26 04:36:34 kstailey Exp $
 #
 # IP filtering rules. See the ipf(5) man page for more
 # information on the format of this file, and /usr/share/ipf
@@ -8,3 +8,9 @@
 #
 pass in from any to any
 pass out from any to any
+#
+# Prevent web server access, except to localhost which is using ip 10.1.1.3:
+#
+# block return-rst in proto tcp from any to any port = 80
+# pass in proto tcp from 127.0.0.0/8 to 127.0.0.0/8 port = 80
+# pass in proto tcp from 10.1.1.3 to 10.1.1.3 port = 80
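Review bot: The two example `pass in` rules added in the second hunk are not bound to an interface, so once uncommented they accept any packet whose source and destination both fall in 127.0.0.0/8 or are both 10.1.1.3, regardless of which interface it arrived on. Since the stated intent is local-only access, the examples would be safer tied to loopback, e.g. `# pass in on lo0 proto tcp from 127.0.0.0/8 to 127.0.0.0/8 port = 80` and likewise for the 10.1.1.3 rule (this assumes lo0 is the loopback interface and that local traffic to 10.1.1.3 is delivered through it, which should be confirmed). The example also depends on ipf applying the last matching rule, which the comment does not say; a line such as `# (the last matching rule wins, so the pass rules must follow the block rule)` would stop a reader from reordering it. The heading would be clearer as `# Prevent web server access, except from the local host (example address 10.1.1.3):`.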