rule2 {
 from [ trust ];
 to [ untrust ];
 source [ any ];
 destination [ any ];
 service [ service-http ];
 application [ any ];
 action allow;
 source-user [ any ];
 option ;
 negate-source no;
 negate-destination no;
 disabled no;
 log-start yes;
 log-end yes;
 profile-setting {
  profiles {
   virus [ default ];
   spyware [ default ];
   vulnerability [ lm_vul_profile ];
   url-filtering [ no_porn_v2 ];
   file-blocking [ denie_pdf ];
  }
 }