FreeBSD.org: Dialup firewalling with FreeBSDJun 11, 2000, 17:08 (0 Talkback[s])
(Other stories by Marc Silver)
"This document aims to cover the process that is required in order to setup firewalling with FreeBSD when are dynamically assigned an IP address by your ISP. While every effort has been made to make this document as informative and correct as possible, you are welcome to mail your comments/suggestions to the maintainer...."
"We're nearly done now. All that remains now is to define the firewall rules and then we can reboot and the firewall should be up and running. I realise that everyone will want something slightly different when it comes to their rulebase. What I've tried to do is write a rulebase that suits most dialup users. You can obviously modify it to your needs by simply using the following rules as the foundation for your own rulebase. First, let's start with the basics of closed firewalling. What you want to do is deny everything by default and then only open up for the things you really need. Rules should be in the order of allow first and then deny. The premis is that you add the rules for your allows, and then everything else is denied. :)"
"Now, let's make the dir /etc/firewall. Change into the directory and edit the file fwrules as we specified in rc.conf. Please note that you can change this filename to be anything you wish. This guide just gives an example of a filename."