FreeBSD 6.3 - Simple Firewall with ipfw
=======================================
Public domain

********************************************************************************
### Kernel configuration

    # vi /usr/src/sys/i386/conf/GENERIC

    options IPFIREWALL
    options IPFIREWALL_DEFAULT_TO_ACCEPT
    options IPDIVERT

    # cd /usr/src
    # make buildkernel KERNCONF=GENERIC
    # make installkernel KERNCONF=GENERIC
    # reboot

********************************************************************************
### Firewall Script

    # vi /usr/local/etc/ipfw.rules

    #!/bin/sh
    # The kernel is built with IPFIREWALL_DEFAULT_TO_ACCEPT, so any packet
    # that no rule below denies is passed by the default rule.
    CLIENT="10.20.30.1 10.20.30.2"
    IPFW="ipfw -q add"
    ipfw -q -f flush
    # "tap*" is quoted so that ipfw, not the shell, matches the interface pattern.
    for IP in $CLIENT; do
        $IPFW allow all from $IP to any out via "tap*"
        $IPFW allow all from any to $IP in via "tap*"
    done
    # Hand traffic on the external interface to natd; natd must be running
    # (for example natd_enable in /etc/rc.conf) for the divert rule to pass packets.
    $IPFW divert natd all from any to any via extif0
    # Everything else on the tap interfaces is dropped.
    $IPFW deny all from any to any via "tap*"

********************************************************************************
### Startup configuration

    # vi /etc/rc.conf

    firewall_enable="YES"
    firewall_script="/usr/local/etc/ipfw.rules"

    # reboot

********************************************************************************
_BY: Pejman Moghadam_
_TAG: ipfw, firewall_
_DATE: 2008-06-13 10:26:57_