page 1 page 2 page 3 page 4 page 5 page 6 page 7 page 8

page 4

A rule set is a group of ipfw rules coded to allow or deny packets based on the values contained in the packet.
The bi-directional exchange of packets between hosts comprises a session conversation.
The firewall rule set processes the packet twice: once on its arrival from the public Internet host and again as it leaves for its return trip back to the public Internet host.
Each tcp/ip service (i.e. telnet, www, mail, etc.) is predefined by its protocol, and port number.
This is the basic selection criteria used to create rules which will allow or deny services.
Most experienced IPFW users create a file containing the rules and code them in a manner
compatible with running them as a script. The major benefit of doing this is the firewall rules
can be refreshed in mass without the need of rebooting the system to activate the new rules.
This method is very convenient in testing new rules as the procedure can be executed as many times as needed.