into the kernel, place the following option in the kernel configuration
.Cd options IPFIREWALL
Other related kernel options
which may also be useful are:
.Cd options IPFIREWALL_DEFAULT_TO_ACCEPT
.Cd options IPFIREWALL_VERBOSE
.Cd options IPFIREWALL_VERBOSE_LIMIT=100
as a module at boot time, add the following line into the
system facility allows filtering,
redirecting, and other operations on
packets travelling through
The default behavior of
is to block all incoming and outgoing traffic.
This behavior can be modified, to allow all traffic through the
firewall by default, by enabling the
This option may be useful when configuring
for the first time.
If the default
behavior is to allow everything, it is easier to cope with
firewall-tuning mistakes which may accidentally block all traffic.
To enable logging of packets passing through
option will prevent
from flooding system logs or causing local Denial of Service.
This option may be set to the number of packets which will be logged on
a per-entry basis before the entry is rate-limited.
The user interface for
is implemented by the
utility, so please refer to the
manpage for a complete description of the
capabilities and how to use it.