To configure an IPFW firewall, first open up /etc/rc.conf:
sudo ee /etc/rc.conf
Now add the following lines to the end of this file. The SSH port number is the most important port number to add and should be replaced with the port number chosen whilst configuring SSH (not doing so will lock out all SSH users from the system). Each port that is required should be listed in the port number area (port 80 might also be useful to add as it is a standard port for HTTP connections, as is port 443 for HTTPS), and firewall_logdeny will tell the server to log any connection attempt to the
firewall_enable="YES"
firewall_quiet="YES"
firewall_type="workstation"
firewall_myservices="[ssh_port_number] [another_port_number] [another_port_number_etc]"
firewall_allowservices="any"
firewall_logdeny="YES"
If so desired, UDP or TCP can be specifically targeted in firewall_myservices by adding an identifier as a suffix to the port number, i.e. [port_number]/tcp. Once all 'port numbers' are filled in, save and close with enter. Once finished, activate the firewall service with the following:
sudo service ipfw start
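Because a missing SSH port in firewall_myservices locks out all SSH users, the start command above is worth gating on a check of the two configuration files. The script below is an added example, not part of the original guide; the function names and the script name check_ssh.sh are hypothetical, and it assumes ports are listed as numbers, as in the placeholders above.

```sh
#!/bin/sh
# Added example (not from the original page): run before `service ipfw start`
# to confirm every sshd port is allowed by firewall_myservices.
# Assumption: ports are written as numbers ("2222" or "2222/tcp"), as in the
# placeholders above; service names and ranges are not resolved.

# Print the value of an rc.conf variable; the last assignment wins.
rc_value() {  # $1 = variable name, $2 = path to rc.conf
    sed -n "s/^[[:space:]]*$1=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$2" | tail -n 1
}

# Print each port sshd is configured to listen on (22 when none is set).
sshd_ports() {  # $1 = path to sshd_config
    awk 'tolower($1) == "port" { print $2; found = 1 }
         END { if (!found) print 22 }' "$1"
}

# Return 0 only if every sshd port is opened for TCP in firewall_myservices.
check_ssh_allowed() {  # $1 = rc.conf, $2 = sshd_config
    services=$(rc_value firewall_myservices "$1")
    status=0
    for port in $(sshd_ports "$2"); do
        allowed=no
        for svc in $services; do
            case "$svc" in
                # A bare port is treated as TCP; "port/udp" does not cover SSH.
                "$port" | "$port/tcp") allowed=yes ;;
            esac
        done
        if [ "$allowed" = no ]; then
            echo "sshd port $port missing from firewall_myservices=\"$services\"" >&2
            status=1
        fi
    done
    return "$status"
}

# When called with two paths, run the check,
# e.g. sh check_ssh.sh /etc/rc.conf /etc/ssh/sshd_config
if [ $# -eq 2 ]; then
    check_ssh_allowed "$1" "$2"
fi
```

A non-zero exit status means at least one sshd port would be blocked once the firewall starts, so the rc.conf entry should be corrected first.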
Once enabled, the ruleset being used by the firewall can be checked with: