IPFW - jonatello/lab-musing GitHub Wiki

https://www.freebsd.org/doc/handbook/firewalls-ipfw.html

Configuring IPFW with a script of rules

Enable IPFW

sysrc firewall_enable=yes

Create custom firewall rules, in this case we'll use "famp.ipfw.rules" which allows ports 22, 80, and 443 TCP traffic for SSH, HTTP, and HTTPS

vi /etc/ipfw.rules

Use custom firewall script rules within "/etc/ipfw.rules"

sysrc firewall_script="/etc/ipfw.rules"

Enable firewall logging

sysrc firewall_logging="YES"

Start IPFW

service ipfw start

Port forwarding example

It's usually good to take a look at your existing rules before making changes, and also so you know in what order you might want to insert a new rule within the list

ipfw show

To forward all inbound traffic for destination port 80 to 8080, use the following (inserting in position 00110 within the list)

ipfw add 00110 fwd 127.0.0.1,8080 tcp from any to any 80 in