FreeBSD firewall


rc.conf

# Rule script that is run when the firewall is started; it runs as root,
# so keep it owned by root and not writable by other users.
firewall_script="/etc/ipfw.rules"
# Turn the ipfw firewall on at boot.
firewall_enable="YES"

/etc/ipfw.rules

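#!/bin/sh
# ipfw ruleset loaded through firewall_script in rc.conf.
#
# NOTE(review): rule 00005 below accepts every packet on both $lan and
# $wan, so rules 00101-00103 are never reached for traffic on those
# interfaces and the WAN side is effectively unfiltered. If only the LAN
# is meant to be unrestricted, drop the $wan line and add explicit,
# stateful (keep-state) rules for the traffic that should cross the WAN.
# Test any such change from the console; whether unmatched packets are
# dropped depends on the kernel's default rule (65535).

# Flush out the list before we begin.
ipfw -q -f flush

# Interface names - adjust to the NICs of this host.
wan="re0"
lan="re1"

# No restrictions on the LAN interface.
ipfw -q add 00005 allow all from any to any via "$lan"
# NOTE(review): same allow-all on the WAN interface - see header.
ipfw -q add 00005 allow all from any to any via "$wan"

# No restrictions on Loopback Interface
ipfw -q add 00010 allow all from any to any via lo0

# check-state only matches dynamic rules; nothing in this script uses
# keep-state, so no dynamic rules are created here.
ipfw -q add 00101 check-state
# "established" matches on TCP flags (ACK/RST), not on tracked connections.
# The original listed this rule twice; one copy is enough.
ipfw -q add 00102 allow tcp from any to any established
# All ICMP types are accepted.
ipfw -q add 00103 allow icmp from any to any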

links