IP filtering setup (IPFWADM)
============================

/etc/rc.d

    #!/bin/sh
    #
    # setup IP packet Accounting and Forwarding
    #
    #   Forwarding
    #
    # By default DENY all services
    ipfwadm -F -p deny
    # Flush all rules
    ipfwadm -F -f
    ipfwadm -I -f
    ipfwadm -O -f

    # Forward email to your server
    ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 -D 196.1.2.10 25

    # Forward email connections to outside email servers
    ipfwadm -F -a accept -b -P tcp -S 196.1.2.10 25 -D 0.0.0.0/0 1024:65535

    # Forward Web connections to your Web Server
    /sbin/ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 -D 196.1.2.11 80

    # Forward Web connections to outside Web Server
    /sbin/ipfwadm -F -a accept -b -P tcp -S 196.1.2.0/24 80 -D 0.0.0.0/0 1024:65535

    # Forward DNS traffic
    /sbin/ipfwadm -F -a accept -b -P udp -S 0.0.0.0/0 53 -D 196.1.2.0/24

    # Flush the current accounting rules
    ipfwadm -A -f

    #   Accounting
    /sbin/ipfwadm -A -f
    /sbin/ipfwadm -A out -i -S 196.1.2.0/24 -D 0.0.0.0/0
    /sbin/ipfwadm -A out -i -S 0.0.0.0/0 -D 196.1.2.0/24
    /sbin/ipfwadm -A in -i -S 196.1.2.0/24 -D 0.0.0.0/0
    /sbin/ipfwadm -A in -i -S 0.0.0.0/0 -D 196.1.2.0/24

Configuring the TIS FWTK
========================

There are three files that make up these controls.

    /etc/services
        (tells the system which port a service is on.)
    /etc/inetd.conf
        (tells inetd what program to call.)
    /usr/local/etc/netperm-table
        (tells the FWTK services who to allow and deny service to.)
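
Because a proxy only works when all three files agree, the cross-check below shows how they link together. It is an added example in Python, not part of the original document or of the FWTK. Assumptions: the file contents are constructed samples, the proxies are installed in /usr/local/etc next to netperm-table, rules are keyed by the proxy's program name and grant access with permit-hosts, and the names audit() and fwtk_dir are illustrative.

```python
import os

# Constructed sample file contents (illustrative, not from the original page).
SERVICES = """\
ftp      21/tcp
telnet   23/tcp
smtp     25/tcp   mail
"""
INETD_CONF = """\
ftp     stream  tcp  nowait  root    /usr/local/etc/ftp-gw     ftp-gw
telnet  stream  tcp  nowait  root    /usr/local/etc/tn-gw      tn-gw
login   stream  tcp  nowait  root    /usr/local/etc/rlogin-gw  rlogin-gw
finger  stream  tcp  nowait  nobody  /usr/sbin/in.fingerd      in.fingerd
"""
NETPERM_TABLE = """\
tn-gw:   permit-hosts 196.1.2.* -passok -xok
ftp-gw:  timeout 3600
"""

def lines(text):
    """Yield the whitespace-split fields of each line, skipping '#' comments and blanks."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if fields:
            yield fields

def audit(services, inetd_conf, netperm, fwtk_dir="/usr/local/etc"):
    """Return sorted (service, problem) pairs; assumes proxies live in fwtk_dir."""
    known = set()                          # (name or alias, protocol) from /etc/services
    for f in lines(services):
        if len(f) >= 2 and "/" in f[1]:
            proto = f[1].split("/", 1)[1]
            known.update((name, proto) for name in [f[0]] + f[2:])
    # Rule keywords (assumed to be the proxy program name) that carry a permit-hosts rule.
    permits = {f[0][:-1] for f in lines(netperm)
               if len(f) >= 2 and f[0].endswith(":") and f[1] == "permit-hosts"}
    problems = []
    for f in lines(inetd_conf):
        if len(f) < 6 or os.path.dirname(f[5]) != fwtk_dir:
            continue                       # malformed line, or not an FWTK program
        service, proto, prog = f[0], f[2], os.path.basename(f[5])
        if (service, proto) not in known:
            problems.append((service, "no %s/%s entry in /etc/services" % (service, proto)))
        if prog not in permits and "*" not in permits:
            problems.append((service, "no permit-hosts rule for %s in netperm-table" % prog))
    return sorted(problems)

if __name__ == "__main__":
    for service, problem in audit(SERVICES, INETD_CONF, NETPERM_TABLE):
        print("%-8s %s" % (service, problem))
```

On the sample data it reports the ftp proxy (rules present, but no permit-hosts) and the login proxy (missing from both /etc/services and netperm-table), and ignores the finger entry because it is not an FWTK program.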