@pcmoore
Created March 30, 2019 14:42
#
# pseudo filter code start
#
# NOTE(review): this is libseccomp "pseudo filter code" (PFC), a readable
# rendering of a seccomp-BPF filter -- not assembly, despite the page's
# language tag. It reads as a decision tree: conditions nest, and the
# first `action` reached is the verdict; a syscall that matches nothing
# falls through to the "default action" at the bottom. The original dump
# is indented to show nesting; that indentation was lost in this paste,
# so sibling `if` lines and nested `if` lines look alike -- consult the
# original output before reasoning about exact precedence.
# $aN.hi32 / $aN.lo32 are the upper and lower 32 bits of syscall argument
# N (seccomp-BPF compares 32-bit words, so every 64-bit argument test is
# a hi32/lo32 pair). ERRNO(n) returns -n without running the syscall
# (1 = EPERM, 13 = EACCES); TRAP raises SIGSYS; KILL terminates the
# caller. The "[priority: N]" tags appear to be libseccomp's per-syscall
# ordering key: 65535 for unconditional rules, lower the more argument
# tests a syscall carries; syscalls are listed highest priority first.
# filter for arch x86_64 (3221225534)
# 3221225534 == 0xc000003e (AUDIT_ARCH_X86_64). Everything below applies
# only to native x86_64 syscalls; any other arch value reaches the
# "invalid architecture action" (KILL) at the very end.
if ($arch == 3221225534)
# NOTE(review): 4294957286 is -10010 as a signed 32-bit value. These large
# numbers (fstat64, getegid32, geteuid32, getgid32, getuid32, _llseek,
# sigreturn, stat64 here, plus fcntl64 and mmap2 further down) are
# libseccomp's negative pseudo-syscall numbers for syscalls that do not
# exist on x86_64; no real syscall number can equal them, so these rules
# are inert on this arch -- presumably carried over from a rule set that
# also targets 32-bit x86. Harmless by themselves, but the argument
# restrictions placed on mmap2/fcntl64 do NOT apply to the native mmap (9)
# and fcntl (72), which this filter allows unconditionally.
# filter for syscall "fstat64" (4294957286) [priority: 65535]
if ($syscall == 4294957286)
action ALLOW;
# filter for syscall "getegid32" (4294957281) [priority: 65535]
if ($syscall == 4294957281)
action ALLOW;
# filter for syscall "geteuid32" (4294957280) [priority: 65535]
if ($syscall == 4294957280)
action ALLOW;
# filter for syscall "getgid32" (4294957279) [priority: 65535]
if ($syscall == 4294957279)
action ALLOW;
# filter for syscall "getuid32" (4294957275) [priority: 65535]
if ($syscall == 4294957275)
action ALLOW;
# filter for syscall "_llseek" (4294957270) [priority: 65535]
if ($syscall == 4294957270)
action ALLOW;
# filter for syscall "sigreturn" (4294957238) [priority: 65535]
if ($syscall == 4294957238)
action ALLOW;
# filter for syscall "stat64" (4294957234) [priority: 65535]
if ($syscall == 4294957234)
action ALLOW;
# From here on: real x86_64 syscall numbers, allowed with no argument
# checks at all.
# filter for syscall "getrandom" (318) [priority: 65535]
if ($syscall == 318)
action ALLOW;
# filter for syscall "prlimit64" (302) [priority: 65535]
if ($syscall == 302)
action ALLOW;
# filter for syscall "pipe2" (293) [priority: 65535]
if ($syscall == 293)
action ALLOW;
# filter for syscall "eventfd2" (290) [priority: 65535]
if ($syscall == 290)
action ALLOW;
# filter for syscall "epoll_pwait" (281) [priority: 65535]
if ($syscall == 281)
action ALLOW;
# filter for syscall "set_robust_list" (273) [priority: 65535]
if ($syscall == 273)
action ALLOW;
# filter for syscall "epoll_wait" (232) [priority: 65535]
if ($syscall == 232)
action ALLOW;
# filter for syscall "exit_group" (231) [priority: 65535]
if ($syscall == 231)
action ALLOW;
# filter for syscall "clock_gettime" (228) [priority: 65535]
if ($syscall == 228)
action ALLOW;
# filter for syscall "getdents64" (217) [priority: 65535]
if ($syscall == 217)
action ALLOW;
# filter for syscall "epoll_create" (213) [priority: 65535]
if ($syscall == 213)
action ALLOW;
# filter for syscall "sched_getaffinity" (204) [priority: 65535]
if ($syscall == 204)
action ALLOW;
# filter for syscall "futex" (202) [priority: 65535]
if ($syscall == 202)
action ALLOW;
# filter for syscall "gettid" (186) [priority: 65535]
if ($syscall == 186)
action ALLOW;
# filter for syscall "setrlimit" (160) [priority: 65535]
if ($syscall == 160)
action ALLOW;
# filter for syscall "_sysctl" (156) [priority: 65535]
# The one unconditional deny: _sysctl fails softly with EPERM instead of
# trapping.
if ($syscall == 156)
action ERRNO(1);
# filter for syscall "mlockall" (151) [priority: 65535]
if ($syscall == 151)
action ALLOW;
# filter for syscall "sigaltstack" (131) [priority: 65535]
if ($syscall == 131)
action ALLOW;
# filter for syscall "getegid" (108) [priority: 65535]
if ($syscall == 108)
action ALLOW;
# filter for syscall "geteuid" (107) [priority: 65535]
if ($syscall == 107)
action ALLOW;
# filter for syscall "getgid" (104) [priority: 65535]
if ($syscall == 104)
action ALLOW;
# filter for syscall "getuid" (102) [priority: 65535]
if ($syscall == 102)
action ALLOW;
# filter for syscall "sysinfo" (99) [priority: 65535]
if ($syscall == 99)
action ALLOW;
# filter for syscall "getrlimit" (97) [priority: 65535]
if ($syscall == 97)
action ALLOW;
# filter for syscall "gettimeofday" (96) [priority: 65535]
if ($syscall == 96)
action ALLOW;
# filter for syscall "fchmod" (91) [priority: 65535]
if ($syscall == 91)
action ALLOW;
# filter for syscall "unlink" (87) [priority: 65535]
if ($syscall == 87)
action ALLOW;
# filter for syscall "mkdir" (83) [priority: 65535]
if ($syscall == 83)
action ALLOW;
# filter for syscall "getdents" (78) [priority: 65535]
if ($syscall == 78)
action ALLOW;
# filter for syscall "fcntl" (72) [priority: 65535]
# Unrestricted -- contrast with the fcntl64 rule below, which is inert here.
if ($syscall == 72)
action ALLOW;
# filter for syscall "uname" (63) [priority: 65535]
if ($syscall == 63)
action ALLOW;
# filter for syscall "wait4" (61) [priority: 65535]
if ($syscall == 61)
action ALLOW;
# filter for syscall "exit" (60) [priority: 65535]
if ($syscall == 60)
action ALLOW;
# filter for syscall "clone" (56) [priority: 65535]
# No flags check: any clone() flag combination is permitted.
if ($syscall == 56)
action ALLOW;
# filter for syscall "getsockname" (51) [priority: 65535]
if ($syscall == 51)
action ALLOW;
# filter for syscall "listen" (50) [priority: 65535]
if ($syscall == 50)
action ALLOW;
# filter for syscall "bind" (49) [priority: 65535]
if ($syscall == 49)
action ALLOW;
# filter for syscall "shutdown" (48) [priority: 65535]
if ($syscall == 48)
action ALLOW;
# filter for syscall "recvmsg" (47) [priority: 65535]
if ($syscall == 47)
action ALLOW;
# filter for syscall "sendmsg" (46) [priority: 65535]
if ($syscall == 46)
action ALLOW;
# filter for syscall "recvfrom" (45) [priority: 65535]
if ($syscall == 45)
action ALLOW;
# filter for syscall "sendto" (44) [priority: 65535]
if ($syscall == 44)
action ALLOW;
# filter for syscall "connect" (42) [priority: 65535]
if ($syscall == 42)
action ALLOW;
# filter for syscall "getpid" (39) [priority: 65535]
if ($syscall == 39)
action ALLOW;
# filter for syscall "nanosleep" (35) [priority: 65535]
if ($syscall == 35)
action ALLOW;
# filter for syscall "madvise" (28) [priority: 65535]
if ($syscall == 28)
action ALLOW;
# filter for syscall "sched_yield" (24) [priority: 65535]
if ($syscall == 24)
action ALLOW;
# filter for syscall "pipe" (22) [priority: 65535]
if ($syscall == 22)
action ALLOW;
# filter for syscall "access" (21) [priority: 65535]
if ($syscall == 21)
action ALLOW;
# filter for syscall "writev" (20) [priority: 65535]
if ($syscall == 20)
action ALLOW;
# filter for syscall "rt_sigreturn" (15) [priority: 65535]
if ($syscall == 15)
action ALLOW;
# filter for syscall "brk" (12) [priority: 65535]
if ($syscall == 12)
action ALLOW;
# filter for syscall "munmap" (11) [priority: 65535]
if ($syscall == 11)
action ALLOW;
# filter for syscall "mmap" (9) [priority: 65535]
# Unrestricted prot/flags on the native mmap; the prot/flags allowlist
# attached to mmap2 further down never fires on x86_64.
if ($syscall == 9)
action ALLOW;
# filter for syscall "lseek" (8) [priority: 65535]
if ($syscall == 8)
action ALLOW;
# filter for syscall "poll" (7) [priority: 65535]
if ($syscall == 7)
action ALLOW;
# filter for syscall "fstat" (5) [priority: 65535]
if ($syscall == 5)
action ALLOW;
# filter for syscall "stat" (4) [priority: 65535]
if ($syscall == 4)
action ALLOW;
# filter for syscall "close" (3) [priority: 65535]
if ($syscall == 3)
action ALLOW;
# filter for syscall "write" (1) [priority: 65535]
if ($syscall == 1)
action ALLOW;
# filter for syscall "read" (0) [priority: 65535]
if ($syscall == 0)
action ALLOW;
# filter for syscall "accept4" (288) [priority: 65533]
# flags (a3): the mask 0xfff7f7ff clears exactly SOCK_NONBLOCK (0x800)
# and SOCK_CLOEXEC (0x80000), so those may be set; any other flag bit
# falls through to the default TRAP.
if ($syscall == 288)
if ($a3.hi32 & 0xffffffff == 0)
if ($a3.lo32 & 0xfff7f7ff == 0)
action ALLOW;
# filter for syscall "time" (201) [priority: 65533]
# time(NULL) only.
if ($syscall == 201)
if ($a0.hi32 == 0)
if ($a0.lo32 == 0)
action ALLOW;
# filter for syscall "prctl" (157) [priority: 65533]
# option 4 == PR_SET_DUMPABLE only; every other prctl option traps.
if ($syscall == 157)
if ($a0.hi32 == 0)
if ($a0.lo32 == 4)
action ALLOW;
# filter for syscall "chown" (92) [priority: 65533]
# The path argument must be the exact pointer 31462:1387171840, i.e.
# 0x7ae6_52ae9000. seccomp compares the pointer value, never the string
# behind it, so this only means "the argument is that address" -- see the
# mprotect rule below for the memory window these addresses live in.
if ($syscall == 92)
if ($a0.hi32 == 31462)
if ($a0.lo32 == 1387171840)
action ALLOW;
# filter for syscall "chmod" (90) [priority: 65533]
# Same single path pointer as chown.
if ($syscall == 90)
if ($a0.hi32 == 31462)
if ($a0.lo32 == 1387171840)
action ALLOW;
# filter for syscall "kill" (62) [priority: 65533]
# kill(pid, 0): signal 0 only -- an existence/permission probe, it cannot
# actually deliver a signal.
if ($syscall == 62)
if ($a1.hi32 == 0)
if ($a1.lo32 == 0)
action ALLOW;
# filter for syscall "ioctl" (16) [priority: 65533]
# request 35147 == 0x894b only (a SIOC* socket ioctl -- look the name up
# in <linux/sockios.h> rather than trusting memory).
if ($syscall == 16)
if ($a1.hi32 == 0)
if ($a1.lo32 == 35147)
action ALLOW;
# filter for syscall "open" (2) [priority: 65533]
# The mask 0xfff5f6ff clears O_CLOEXEC (0x80000), O_NOFOLLOW (0x20000),
# O_NONBLOCK (0x800) and O_NOCTTY (0x100); what remains must be 0, i.e. a
# plain O_RDONLY open -- and that gets EACCES. There is no ALLOW for
# open() anywhere in this filter: a read-only open fails softly, any
# open() with write/create flags hits the default TRAP. File access is
# presumably expected to go through openat (see its rule below).
if ($syscall == 2)
if ($a1.hi32 & 0xffffffff == 0)
if ($a1.lo32 & 0xfff5f6ff == 0)
action ERRNO(13);
# filter for syscall "flock" (73) [priority: 65532]
# operation: LOCK_UN (8) or LOCK_EX|LOCK_NB (6).
if ($syscall == 73)
if ($a1.hi32 == 0)
if ($a1.lo32 == 8)
action ALLOW;
if ($a1.lo32 == 6)
action ALLOW;
# filter for syscall "rt_sigprocmask" (14) [priority: 65532]
# how: SIG_SETMASK (2) or SIG_UNBLOCK (1); SIG_BLOCK (0) is not allowed.
if ($syscall == 14)
if ($a0.hi32 == 0)
if ($a0.lo32 == 2)
action ALLOW;
if ($a0.lo32 == 1)
action ALLOW;
# filter for syscall "epoll_ctl" (233) [priority: 65531]
# op: EPOLL_CTL_MOD (3), EPOLL_CTL_DEL (2), EPOLL_CTL_ADD (1).
if ($syscall == 233)
if ($a1.hi32 == 0)
if ($a1.lo32 == 3)
action ALLOW;
if ($a1.lo32 == 2)
action ALLOW;
if ($a1.lo32 == 1)
action ALLOW;
# filter for syscall "socketpair" (53) [priority: 65531]
# socketpair(AF_UNIX (1), SOCK_STREAM|SOCK_CLOEXEC (524289 == 0x80001), ...)
if ($syscall == 53)
if ($a0.hi32 == 0)
if ($a0.lo32 == 1)
if ($a1.hi32 == 0)
if ($a1.lo32 == 524289)
action ALLOW;
# filter for syscall "mremap" (25) [priority: 65531]
# flags (a3) == MREMAP_MAYMOVE (1) is allowed. Separately, an mremap whose
# old address is exactly 31462:1366200320 (0x7ae6_516e9000 -- the start
# of the window that the mprotect rule below refuses to make writable) is
# KILLed outright rather than trapped. Looks like a deliberately protected
# region; confirm against the source that generated this filter.
if ($syscall == 25)
if ($a3.hi32 == 0)
if ($a3.lo32 == 1)
action ALLOW;
if ($a0.hi32 == 31462)
if ($a0.lo32 == 1366200320)
action KILL;
# filter for syscall "fcntl64" (4294957287) [priority: 65526]
# Inert on x86_64 (pseudo number -10009, see the note at the top). For the
# record it would allow: F_SETFL (4) with O_RDWR|O_NONBLOCK (2050 ==
# 0x802), F_GETFL (3), F_SETFD (2) with FD_CLOEXEC (1), F_GETFD (1). The
# native fcntl (72) above carries none of these restrictions.
if ($syscall == 4294957287)
if ($a1.hi32 == 0)
if ($a1.lo32 == 4)
if ($a2.hi32 == 0)
if ($a2.lo32 == 2050)
action ALLOW;
if ($a1.lo32 == 3)
action ALLOW;
if ($a1.lo32 == 2)
if ($a2.hi32 == 0)
if ($a2.lo32 == 1)
action ALLOW;
if ($a1.lo32 == 1)
action ALLOW;
# filter for syscall "rt_sigaction" (13) [priority: 65526]
# Handlers may be installed only for (x86 numbering): 25 SIGXFSZ,
# 17 SIGCHLD, 15 SIGTERM, 13 SIGPIPE, 12 SIGUSR2, 10 SIGUSR1, 2 SIGINT,
# 1 SIGHUP. Note SIGSYS (31) is not in the list, so a SIGSYS handler for
# the default TRAP action would have to be installed before this filter
# is loaded.
if ($syscall == 13)
if ($a0.hi32 == 0)
if ($a0.lo32 == 25)
action ALLOW;
if ($a0.lo32 == 17)
action ALLOW;
if ($a0.lo32 == 15)
action ALLOW;
if ($a0.lo32 == 13)
action ALLOW;
if ($a0.lo32 == 12)
action ALLOW;
if ($a0.lo32 == 10)
action ALLOW;
if ($a0.lo32 == 2)
action ALLOW;
if ($a0.lo32 == 1)
action ALLOW;
# filter for syscall "setsockopt" (54) [priority: 65522]
# (level, optname) allowlist, names from the Linux headers (verify):
#   IPPROTO_IPV6 (41): IPV6_V6ONLY (26)
#   SOL_SOCKET (1):    32 (SO_SNDBUFFORCE), SO_RCVBUF (8), SO_SNDBUF (7),
#                      SO_REUSEADDR (2)
#   IPPROTO_IP (0):    19 (IP_TRANSPARENT)
# The filter only gates the call; options like IP_TRANSPARENT or
# SO_SNDBUFFORCE still need the usual capabilities in the kernel.
if ($syscall == 54)
if ($a1.hi32 == 0)
if ($a1.lo32 == 41)
if ($a2.hi32 == 0)
if ($a2.lo32 == 26)
action ALLOW;
if ($a1.lo32 == 1)
if ($a2.hi32 == 0)
if ($a2.lo32 == 32)
action ALLOW;
if ($a2.lo32 == 8)
action ALLOW;
if ($a2.lo32 == 7)
action ALLOW;
if ($a2.lo32 == 2)
action ALLOW;
if ($a1.lo32 == 0)
if ($a2.hi32 == 0)
if ($a2.lo32 == 19)
action ALLOW;
# filter for syscall "getsockopt" (55) [priority: 65520]
# (level, optname) allowlist (verify names against the headers):
#   IPPROTO_IPV6 (41): 80 (IP6T_SO_ORIGINAL_DST, netfilter)
#   IPPROTO_TCP (6):   TCP_INFO (11)
#   SOL_SOCKET (1):    SO_ACCEPTCONN (30), SO_SNDBUF (7), SO_ERROR (4)
#   IPPROTO_IP (0):    80 (SO_ORIGINAL_DST, netfilter)
if ($syscall == 55)
if ($a1.hi32 == 0)
if ($a1.lo32 == 41)
if ($a2.hi32 == 0)
if ($a2.lo32 == 80)
action ALLOW;
if ($a1.lo32 == 6)
if ($a2.hi32 == 0)
if ($a2.lo32 == 11)
action ALLOW;
if ($a1.lo32 == 1)
if ($a2.hi32 == 0)
if ($a2.lo32 == 30)
action ALLOW;
if ($a2.lo32 == 7)
action ALLOW;
if ($a2.lo32 == 4)
action ALLOW;
if ($a1.lo32 == 0)
if ($a2.hi32 == 0)
if ($a2.lo32 == 80)
action ALLOW;
# filter for syscall "mmap2" (4294957267) [priority: 65519]
# Inert on x86_64 (pseudo number -10029, see top). It encodes a
# (prot, flags) allowlist that the native mmap (9) rule above does NOT
# enforce: prot R|X (5) with MAP_PRIVATE|MAP_DENYWRITE (2050);
# prot R|W (3) with 131106 (0x20022), 2066 (0x812), 50 (0x32) or 34
# (0x22) -- MAP_PRIVATE plus combinations of MAP_ANONYMOUS, MAP_FIXED,
# MAP_DENYWRITE, MAP_STACK; prot R (1) with MAP_PRIVATE (2); prot NONE (0)
# with 16418 (0x4022 = MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE).
if ($syscall == 4294957267)
if ($a2.hi32 == 0)
if ($a2.lo32 == 5)
if ($a3.hi32 == 0)
if ($a3.lo32 == 2050)
action ALLOW;
if ($a2.lo32 == 3)
if ($a3.hi32 == 0)
if ($a3.lo32 == 131106)
action ALLOW;
if ($a3.lo32 == 2066)
action ALLOW;
if ($a3.lo32 == 50)
action ALLOW;
if ($a3.lo32 == 34)
action ALLOW;
if ($a2.lo32 == 1)
if ($a3.hi32 == 0)
if ($a3.lo32 == 2)
action ALLOW;
if ($a2.lo32 == 0)
if ($a3.hi32 == 0)
if ($a3.lo32 == 16418)
action ALLOW;
# filter for syscall "mprotect" (10) [priority: 65518]
# PROT_READ (1) and PROT_NONE (0) are allowed for any range.
# PROT_READ|PROT_WRITE (3) is allowed only when len (a1) <= 20971520
# (20 MiB) AND addr (a0) lies OUTSIDE the window
# [31462:1366200320, 31462:1387174969], roughly
# [0x7ae6_516e9000, 0x7ae6_52ae9c39]. The branches below are that 64-bit
# range test spelled out as hi32/lo32 comparisons: "if (x > limit)" with
# an empty true arm followed by "else" reads as "x <= limit". Any attempt
# to make the window writable, or any other prot value (PROT_EXEC,
# PROT_WRITE alone), falls through to the default TRAP.
# Every path-string pointer used by the chown/chmod/rename/openat rules
# (lo32 1387171840..1387173457, hi32 31462) lies inside this window, so
# this rule -- together with the mremap KILL on the window's start -- is
# what keeps those pointer-compared strings from being rewritten after
# the filter is loaded. That reading is inferred from the numbers alone;
# confirm against the generating source. Nesting was lost in this paste.
if ($syscall == 10)
if ($a2.hi32 == 0)
if ($a2.lo32 == 1)
action ALLOW;
if ($a2.lo32 == 0)
action ALLOW;
if ($a0.hi32 > 31462)
if ($a1.hi32 > 0)
else
if ($a1.hi32 == 0)
if ($a1.lo32 > 20971520)
else
if ($a2.hi32 == 0)
if ($a2.lo32 == 3)
action ALLOW;
else
if ($a2.hi32 == 0)
if ($a2.lo32 == 3)
action ALLOW;
else
if ($a0.hi32 == 31462)
if ($a0.lo32 >= 1366200320)
else
if ($a1.hi32 > 0)
else
if ($a1.hi32 == 0)
if ($a1.lo32 > 20971520)
else
if ($a2.hi32 == 0)
if ($a2.lo32 == 3)
action ALLOW;
else
if ($a2.hi32 == 0)
if ($a2.lo32 == 3)
action ALLOW;
if ($a0.lo32 > 1387174969)
if ($a1.hi32 > 0)
else
if ($a1.hi32 == 0)
if ($a1.lo32 > 20971520)
else
if ($a2.hi32 == 0)
if ($a2.lo32 == 3)
action ALLOW;
else
if ($a2.hi32 == 0)
if ($a2.lo32 == 3)
action ALLOW;
else
if ($a1.hi32 > 0)
else
if ($a1.hi32 == 0)
if ($a1.lo32 > 20971520)
else
if ($a2.hi32 == 0)
if ($a2.lo32 == 3)
action ALLOW;
else
if ($a2.hi32 == 0)
if ($a2.lo32 == 3)
action ALLOW;
# filter for syscall "socket" (41) [priority: 65505]
# (domain, type, protocol) allowlist. The type mask 0xfff7f7ff clears
# SOCK_NONBLOCK (0x800) and SOCK_CLOEXEC (0x80000) before comparing, so
# those may be OR'ed in freely; the AF_NETLINK case uses 0xfff7ffff,
# which clears only SOCK_CLOEXEC.
#   AF_NETLINK (16): SOCK_RAW (3), protocol 0 (NETLINK_ROUTE)
#   AF_INET6 (10):   SOCK_DGRAM (2) with UDP (17) or 0;
#                    SOCK_STREAM (1) with TCP (6)
#   AF_INET (2):     same shape as AF_INET6
#   AF_UNIX (1):     SOCK_DGRAM (2) with protocol 0;
#                    SOCK_STREAM (1) with any protocol
# Any other domain (e.g. AF_PACKET) falls through to the default TRAP.
if ($syscall == 41)
if ($a0.hi32 == 0)
if ($a0.lo32 == 16)
if ($a1.hi32 & 0xffffffff == 0)
if ($a1.lo32 & 0xfff7ffff == 3)
if ($a2.hi32 == 0)
if ($a2.lo32 == 0)
action ALLOW;
if ($a0.lo32 == 10)
if ($a1.hi32 & 0xffffffff == 0)
if ($a1.lo32 & 0xfff7f7ff == 2)
if ($a2.hi32 == 0)
if ($a2.lo32 == 17)
action ALLOW;
if ($a2.lo32 == 0)
action ALLOW;
if ($a1.lo32 & 0xfff7f7ff == 1)
if ($a2.hi32 == 0)
if ($a2.lo32 == 6)
action ALLOW;
if ($a0.lo32 == 2)
if ($a1.hi32 & 0xffffffff == 0)
if ($a1.lo32 & 0xfff7f7ff == 2)
if ($a2.hi32 == 0)
if ($a2.lo32 == 17)
action ALLOW;
if ($a2.lo32 == 0)
action ALLOW;
if ($a1.lo32 & 0xfff7f7ff == 1)
if ($a2.hi32 == 0)
if ($a2.lo32 == 6)
action ALLOW;
if ($a0.lo32 == 1)
if ($a1.hi32 & 0xffffffff == 0)
if ($a1.lo32 & 0xfff7f7ff == 2)
if ($a2.hi32 == 0)
if ($a2.lo32 == 0)
action ALLOW;
if ($a1.lo32 & 0xfff7f7ff == 1)
action ALLOW;
# filter for syscall "rename" (82) [priority: 65480]
# rename(old, new): only specific (old pointer, new pointer) pairs are
# allowed -- all with hi32 31462 and lo32 in 1387171949..1387173148,
# i.e. inside the protected window described at the mprotect rule.
# seccomp compares the pointer values, never the strings behind them, so
# the guarantee is only as strong as the immutability of that memory;
# the pairs were presumably generated from a fixed list of permitted
# source/destination strings. Note the destination 1387172685 appears
# in two pairs, and the sources 1387172685/1387172645/1387172523/
# 1387172482/1387172363/1387171949 also appear as destinations, so some
# renames are allowed in both directions.
if ($syscall == 82)
if ($a0.hi32 == 31462)
if ($a0.lo32 == 1387173113)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387173148)
action ALLOW;
if ($a0.lo32 == 1387173039)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387173078)
action ALLOW;
if ($a0.lo32 == 1387172957)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387173000)
action ALLOW;
if ($a0.lo32 == 1387172855)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172908)
action ALLOW;
if ($a0.lo32 == 1387172761)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172810)
action ALLOW;
if ($a0.lo32 == 1387172721)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172685)
action ALLOW;
if ($a0.lo32 == 1387172645)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172685)
action ALLOW;
if ($a0.lo32 == 1387172601)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172645)
action ALLOW;
if ($a0.lo32 == 1387172560)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172523)
action ALLOW;
if ($a0.lo32 == 1387172482)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172523)
action ALLOW;
if ($a0.lo32 == 1387172437)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172482)
action ALLOW;
if ($a0.lo32 == 1387172398)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172363)
action ALLOW;
if ($a0.lo32 == 1387172320)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387171949)
action ALLOW;
if ($a0.lo32 == 1387172292)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172023)
action ALLOW;
if ($a0.lo32 == 1387172234)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172265)
action ALLOW;
if ($a0.lo32 == 1387172160)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172199)
action ALLOW;
if ($a0.lo32 == 1387172088)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172126)
action ALLOW;
if ($a0.lo32 == 1387171949)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387172363)
action ALLOW;
# filter for syscall "openat" (257) [priority: 65477]
# Two parts. (1) As with open(): a plain O_RDONLY openat (flags with
# O_CLOEXEC|O_NOFOLLOW|O_NONBLOCK|O_NOCTTY masked off == 0) gets EACCES
# instead of TRAP -- presumably so harmless read probes of unlisted files
# fail softly. (2) An allowlist keyed on the pathname pointer (a1, inside
# the protected window described at mprotect) with dirfd == AT_FDCWD
# (-100; both the sign-extended 4294967295:4294967196 and the
# zero-extended 0:4294967196 encodings are covered). The first entry
# additionally requires flags == 591872 (0x90800 =
# O_CLOEXEC|O_DIRECTORY|O_NONBLOCK); the rest accept any flags.
# NOTE(review): the ERRNO(13) rule precedes the pointer allowlist in the
# dump. If it is evaluated first (nesting was lost in this paste), a
# read-only openat of a LISTED path would also get EACCES, and the
# allowlist would only ever admit non-read-only flag combinations for
# those paths. Confirm the intended precedence against the original,
# indented output or by exercising the filter.
if ($syscall == 257)
if ($a2.hi32 & 0xffffffff == 0)
if ($a2.lo32 & 0xfff5f6ff == 0)
action ERRNO(13);
if ($a0.hi32 == 4294967295)
if ($a0.lo32 == 4294967196)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387173457)
if ($a2.hi32 == 0)
if ($a2.lo32 == 591872)
action ALLOW;
if ($a0.hi32 == 0)
if ($a0.lo32 == 4294967196)
if ($a1.hi32 == 31462)
if ($a1.lo32 == 1387173434)
action ALLOW;
if ($a1.lo32 == 1387173389)
action ALLOW;
if ($a1.lo32 == 1387173346)
action ALLOW;
if ($a1.lo32 == 1387173308)
action ALLOW;
if ($a1.lo32 == 1387173295)
action ALLOW;
if ($a1.lo32 == 1387173282)
action ALLOW;
if ($a1.lo32 == 1387173270)
action ALLOW;
if ($a1.lo32 == 1387173259)
action ALLOW;
if ($a1.lo32 == 1387173245)
action ALLOW;
if ($a1.lo32 == 1387173228)
action ALLOW;
if ($a1.lo32 == 1387173213)
action ALLOW;
if ($a1.lo32 == 1387173179)
action ALLOW;
if ($a1.lo32 == 1387173148)
action ALLOW;
if ($a1.lo32 == 1387173113)
action ALLOW;
if ($a1.lo32 == 1387173078)
action ALLOW;
if ($a1.lo32 == 1387173039)
action ALLOW;
if ($a1.lo32 == 1387173000)
action ALLOW;
if ($a1.lo32 == 1387172957)
action ALLOW;
if ($a1.lo32 == 1387172908)
action ALLOW;
if ($a1.lo32 == 1387172855)
action ALLOW;
if ($a1.lo32 == 1387172810)
action ALLOW;
if ($a1.lo32 == 1387172761)
action ALLOW;
if ($a1.lo32 == 1387172721)
action ALLOW;
if ($a1.lo32 == 1387172685)
action ALLOW;
if ($a1.lo32 == 1387172645)
action ALLOW;
if ($a1.lo32 == 1387172601)
action ALLOW;
if ($a1.lo32 == 1387172560)
action ALLOW;
if ($a1.lo32 == 1387172523)
action ALLOW;
if ($a1.lo32 == 1387172482)
action ALLOW;
if ($a1.lo32 == 1387172437)
action ALLOW;
if ($a1.lo32 == 1387172398)
action ALLOW;
if ($a1.lo32 == 1387172363)
action ALLOW;
if ($a1.lo32 == 1387172320)
action ALLOW;
if ($a1.lo32 == 1387172292)
action ALLOW;
if ($a1.lo32 == 1387172265)
action ALLOW;
if ($a1.lo32 == 1387172234)
action ALLOW;
if ($a1.lo32 == 1387172199)
action ALLOW;
if ($a1.lo32 == 1387172160)
action ALLOW;
if ($a1.lo32 == 1387172126)
action ALLOW;
if ($a1.lo32 == 1387172088)
action ALLOW;
if ($a1.lo32 == 1387172070)
action ALLOW;
if ($a1.lo32 == 1387172023)
action ALLOW;
if ($a1.lo32 == 1387171949)
action ALLOW;
if ($a1.lo32 == 1387171940)
action ALLOW;
if ($a1.lo32 == 1387171912)
action ALLOW;
if ($a1.lo32 == 1387171866)
action ALLOW;
if ($a1.lo32 == 1387171857)
action ALLOW;
# default action
# Anything on x86_64 not matched above raises SIGSYS (TRAP) rather than
# killing: the unexpected syscall becomes visible to a SIGSYS handler or
# as a core dump, which is what makes a filter like this debuggable.
action TRAP;
# invalid architecture action
# A syscall made with any arch token other than x86_64 is killed.
action KILL;
#
# pseudo filter code end
#