How to load the IPFW rules

  1. Copy your ipfw.rules into /etc/

     $ cp ipfw.rules /etc/
    

    Note: Make sure the rules file does not have \r\n line endings (CRLF, Windows style) but only \n line endings (LF, Unix style), otherwise you get locked out!

  2. Open /etc/rc.conf:

     $ ee /etc/rc.conf
    
  3. Edit/Add these options:

     # IPFW
     firewall_enable="YES"
     firewall_type="open"
     firewall_script="/etc/ipfw.rules"
     firewall_logging="YES"
    

    Note: For testing, set firewall_enable to "NO".

  4. Start the ipfw service:

     $ service ipfw start
    

    Note: If firewall_enable is set to "NO", you should use onestart|onestop|onerestart instead of start|stop|restart.

If you’re afraid of getting locked out, you can try this way:

  1. Use the firewall_enable="NO" option inside /etc/rc.conf
  2. Start the service with this command (ipfw will be stopped after 60 seconds):

     $ service ipfw onestart && sleep 60 && service ipfw onestop &
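
The CRLF warning in step 1 can be turned into a pre-flight check that runs before the service is started. The script below is an added example, not part of the original page. It assumes the rules file is a shell script, as the firewall_script setting implies; has_crlf and preflight are hypothetical helper names, and the sample rules are constructed.

```sh
#!/bin/sh
# Pre-flight check for an ipfw rules script before "service ipfw start".
# has_crlf and preflight are names made up for this example.

# Return 0 if the file contains at least one carriage return (CR) byte.
has_crlf() {
    cr=$(printf '\r')
    grep -q "$cr" "$1"
}

# Return 0 only if the file is readable, has no CR bytes and parses as sh.
# 1 = unreadable, 2 = CRLF line endings, 3 = shell syntax error.
preflight() {
    [ -r "$1" ] || { echo "$1: not readable" >&2; return 1; }
    if has_crlf "$1"; then
        echo "$1: CRLF line endings found, convert to LF first" >&2
        return 2
    fi
    # sh -n parses the script without executing any ipfw command.
    sh -n "$1" 2>/dev/null || { echo "$1: shell syntax error" >&2; return 3; }
    return 0
}

# Demo on constructed sample files (not rules taken from the page).
demo_dir=$(mktemp -d "${TMPDIR:-/tmp}/ipfwchk.XXXXXX")
printf 'ipfw -q -f flush\r\nipfw -q add 100 allow ip from any to any via lo0\r\n' \
    > "$demo_dir/crlf.rules"
# Stripping every CR byte yields the LF-only version of the same file.
tr -d '\r' < "$demo_dir/crlf.rules" > "$demo_dir/lf.rules"
for f in "$demo_dir/crlf.rules" "$demo_dir/lf.rules"; do
    if preflight "$f"; then
        echo "OK:     $f"
    else
        echo "REJECT: $f (code $?)"
    fi
done
rm -rf "$demo_dir"
```

Only a file that passes this check should be copied to /etc/ipfw.rules; the timed onestart/onestop command above remains the safety net for rules that parse correctly but block your own access.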
