03-05-2021 12:27 AM
Hello Everyone,
I'm setting up a lab with a Cisco 1941 router and I'm practising with Cisco IOS Zone-Based Firewall. There is enough documentation about how to set it up but not really on best practices regarding the implementation of policies. Does anyone know where I can find documentation about this subject? Or what the best practices are regarding implementing a firewall and keeping a network secure but allowing the users to make use of the internet. I only have 2 zones, an In and an Out zone, and besides some testing I haven't configured much yet. I would like to know which protocols I should inspect etc., or if there are some preconfigured templates out there. Anyways, thanks in advance.
Daniel
05-03-2021 01:53 AM
Here's mine off my 1941. It is still a work in progress:
!
! Address classes: traffic sourced from the three LAN subnets (v4 and v6)
class-map type inspect match-any addresses.cmap
 match access-group name addresses.ipv4.acl
 match access-group name addresses.ipv6.acl
!
! Protocol classes: which IP protocols may be inspected
class-map type inspect match-any protocols.cmap
 match access-group name protocols.ipv4.acl
 match access-group name protocols.ipv6.acl
!
! Combined LAN class; match-any means a packet matching EITHER nested class is inspected
class-map type inspect match-any lan.cmap
 match class-map addresses.cmap
 match class-map protocols.cmap
!
! LAN -> WAN: inspect what lan.cmap matches, drop and log everything else
policy-map type inspect lan.pmap
 class type inspect lan.cmap
  inspect
 class class-default
  drop log
!
! WAN -> LAN: no unsolicited inbound traffic; return traffic is allowed by inspection state
policy-map type inspect wan.pmap
 class class-default
  drop log
!
zone security lan
zone security wan
!
zone-pair security lan-wan source lan destination wan
 service-policy type inspect lan.pmap
!
zone-pair security wan-lan source wan destination lan
 service-policy type inspect wan.pmap
!
ip access-list extended addresses.ipv4.acl
 permit ip 10.1.1.0 0.0.0.255 any
 permit ip 10.1.2.0 0.0.0.255 any
 permit ip 10.1.3.0 0.0.0.255 any
!
ip access-list extended protocols.ipv4.acl
 permit icmp any any
 permit tcp any any
 permit udp any any
!
! Name must match the access-group referenced in addresses.cmap
ipv6 access-list addresses.ipv6.acl
 permit ipv6 2001:44B8:xxxx:xx10::/64 any
 permit ipv6 2001:44B8:xxxx:xx20::/64 any
 permit ipv6 2001:44B8:xxxx:xx30::/64 any
!
ipv6 access-list protocols.ipv6.acl
 permit icmp any any
 permit tcp any any
 permit udp any any
 permit ipv6 any any
 permit tcp any any established
 permit udp any any eq 546
 permit udp any eq domain any
!
Hope that helps.
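A sanity check worth running on any ZBF policy of this shape, as an added example that is not part of the reply above or of any Cisco tool: the standalone Python helper below resolves every class-map, policy-map and ACL name a config refers to against the names it defines and reports the dangling ones. The embedded config is a constructed, cut-down config in the same style and deliberately misspells one IPv6 ACL definition (adddresses) so that the check has something to find.

```python
import re
from collections import defaultdict

# Constructed sample in the style of the posted config; the IPv6 ACL is
# defined as "adddresses..." but referenced as "addresses..." on purpose.
SAMPLE_CONFIG = """
class-map type inspect match-any addresses.cmap
 match access-group name addresses.ipv4.acl
 match access-group name addresses.ipv6.acl
class-map type inspect match-any lan.cmap
 match class-map addresses.cmap
policy-map type inspect lan.pmap
 class type inspect lan.cmap
  inspect
zone-pair security lan-wan source lan destination wan
 service-policy type inspect lan.pmap
ip access-list extended addresses.ipv4.acl
 permit ip 10.1.1.0 0.0.0.255 any
ipv6 access-list adddresses.ipv6.acl
 permit ipv6 2001:db8::/64 any
"""

DEFS = {  # definition line pattern -> kind of object it defines
    r"^class-map type inspect (?:match-\S+ )?(\S+)": "class-map",
    r"^policy-map type inspect (\S+)": "policy-map",
    r"^ip access-list \S+ (\S+)": "acl",
    r"^ipv6 access-list (\S+)": "acl",
}
REFS = {  # reference line pattern -> kind the name must resolve to
    r"^match access-group name (\S+)": "acl",
    r"^match class-map (\S+)": "class-map",
    r"^class type inspect (\S+)": "class-map",
    r"^service-policy type inspect (\S+)": "policy-map",
}

def dangling_references(config: str) -> list[tuple[str, str]]:
    """Return sorted (kind, name) pairs that are referenced but never defined."""
    defined = defaultdict(set)
    referenced = set()
    for raw in config.splitlines():
        line = raw.strip()  # IOS indents sub-commands; leading spaces carry no meaning here
        for pat, kind in DEFS.items():
            if m := re.match(pat, line):
                defined[kind].add(m.group(1))
        for pat, kind in REFS.items():
            if m := re.match(pat, line):
                referenced.add((kind, m.group(1)))
    return sorted(r for r in referenced if r[1] not in defined[r[0]])
```

Calling dangling_references(SAMPLE_CONFIG) returns [("acl", "addresses.ipv6.acl")]; a class-map that silently matches nothing because its ACL does not exist is exactly the kind of gap that is easy to miss in a long running config.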