FreeBSD IPFW Firewall

This is a base service, so all you need is a few rc.conf vars. Download this conf, add it to /etc/rc.conf.d, and run service ipfw start.

rc.conf
firewall_enable="YES"
firewall_type="WORKSTATION" # (4)
firewall_trusted="xx.xx.xx.xx" # (1)
firewall_myservices="22/tcp 53/tcp 53/udp 80/tcp 443/tcp 20/tcp 21/tcp 1984/tcp 25/tcp 143/tcp 993/tcp" # (2)
firewall_allowservices="any" # (3)
  1. Your personal IP is always trusted.
  2. List of ports that will have services running.
  3. Allow all sources to reach the services; this setup can't do this per port, so allow all.
  4. This is a single computer, so we use the WORKSTATION type.
sysrc blacklistd_enable="YES"
touch /etc/ipfw-blacklist.rc
vim /etc/blacklistd.conf # edit the default and add some whitelists for IPs
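
Callout 3 notes that sources cannot be set per port. The following added example (not from the original page and not FreeBSD's own rc.firewall code) previews the source/port pairs that result, assuming every firewall_allowservices entry is paired with every firewall_myservices entry and that a bare port means tcp. The function names and the 192.0.2.10 / 198.51.100.0/24 sources are constructed for illustration.

```shell
#!/bin/sh
# Added example: preview the exposure of a WORKSTATION-style configuration.
# Assumption: each source in firewall_allowservices is paired with each
# entry in firewall_myservices (there is no per-port source list).

# Print one "proto source port" line per allowed pair.
expand_services() {
    allow=$1
    services=$2
    for src in $allow; do
        for svc in $services; do
            case $svc in
                */[Tt][Cc][Pp]) echo "tcp $src ${svc%/*}" ;;
                */[Uu][Dd][Pp]) echo "udp $src ${svc%/*}" ;;
                */*) echo "skipped unknown protocol: $svc" >&2 ;;
                *) echo "tcp $src $svc" ;;  # bare port, assumed tcp
            esac
        done
    done
}

# Count the pairs that are reachable from any source address.
count_world_open() {
    expand_services "$1" "$2" | awk '$2 == "any" { n++ } END { print n + 0 }'
}

# Values from the rc.conf above.
myservices="22/tcp 53/tcp 53/udp 80/tcp 443/tcp 20/tcp 21/tcp 1984/tcp 25/tcp 143/tcp 993/tcp"

echo "With firewall_allowservices=\"any\":"
expand_services "any" "$myservices"
echo "world-open pairs: $(count_world_open "any" "$myservices")"

# Constructed alternative: two specific sources instead of "any".
# Every listed source still reaches every listed port.
echo "With two constructed sources:"
expand_services "192.0.2.10 198.51.100.0/24" "$myservices"
echo "world-open pairs: $(count_world_open "192.0.2.10 198.51.100.0/24" "$myservices")"
```

Running it before `service ipfw start` shows which ports (for example 21/tcp and 25/tcp) will be reachable from anywhere, which is the list blacklistd then has to protect.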

Basic firewall using IPFW

I don't use PF on FreeBSD as it lacks a lot of features from OpenBSD, and I believe each OS should stick to its own firewall and either add in options to it; we really don't need 3 firewalls in an OS. Each firewall has its pros and cons.