#!/bin/sh 
#
#
#

cmd="./ipfw add"

ipfw -f flush

#loopback
$cmd allow ip from any to any via lo0
$cmd deny ip from any to 127.0.0.0/8
$cmd deny ip from 127.0.0.0/8 to any

#FTP
$cmd allow tcp from any to any 20,21
$cmd allow tcp from any 20,21 to any

#SSH
$cmd allow tcp from any to any 22
$cmd allow tcp from any 22 to any

#DNS
$cmd allow tcp from any to any 53
$cmd allow tcp from any 53 to any
$cmd allow udp from any to any 53
$cmd allow udp from any 53 to any

$cmd allow all from any to any out via eth0
$cmd allow icmp from any to any in via eth0 icmptype 0,3,5,8,11

$cmd 65534 deny all from any to any