Home -- Tutorials -- Quickies -- Manual Pages -- Search -- Feedback -- About The Site -- Forum
Setting up the ipfw firewall
 added 8.2.1998 -- written by Perlsta
Article Description: This instructs you on what to add to your kernel and what files to modify to get the ipfw firewall working on your FreeBSD system.
These instructions will help you configure FreeBSD to act as a firewall.

Note that it is almost suicidal to do this remotely, as one mistake can leave you unable to reach the firewall PC.

  1. Become root on the machine.

  2. IMPORTANT: Make a backup of the kernel located in the root directory.

  3. You must download at least the kernel source code distribution. (/stand/sysinstall will help)

  4. Make a copy of the kernel configuration file /usr/src/sys/i386/conf/GENERIC. Edit the new file and add the following lines to it:

    • options IPFIREWALL

    • options IPDIVERT


    The IPFIREWALL option allows the kernel to block or allow pass through of specific network traffic based on:
    • origin,

    • destination,

    • port number, and

    • protocol


    The IPDIVERT option allows incoming IP traffic to be diverted to a different port on the Firewall machine, allowing for redirection based on the options for the firewall option to a program listening to a port.
  5. make sure you are in /usr/src/sys/i386/conf/ and type:

    • config


  6. change into the directory /usr/src/sys/compile/ file> then type:

    • make depend

    • make all

    • make install


  7. edit the file /etc/rc.firewall and add the rules you want


  8. IMPORTANT: edit /etc/rc.conf and set the

    option firewall="NO" to
    firewall="YES"


  9. reboot and everything should be fine.
© Copyright 1998-2010 VANGEYN.Net, unless otherwise noted.