Set up a basic firewall on FreeBSD

In this tutorial, I'll show you how to set up a basic firewall on FreeBSD.


The configuration of the firewall in "Workstation" mode is quite simple:

root: sysrc firewall_enable=yes
root: sysrc firewall_type=workstation

If we want to host some network services on our computer, we can simply declare them:

root: sysrc firewall_myservices="22/tcp 80/tcp 443/tcp"
root: sysrc firewall_allowservices=any

We avoid that the list of loaded rules is displayed during the boot process:

root: sysrc firewall_quiet=yes

So that the rejected packages are logged in "/var/log/security", we do the following:

root: sysrc firewall_logdeny=yes

To enable the firewall, we run this command:

root: service ipfw start

The different rules and their statistics are shown by ipfw show.