CDNWiki - View Source: KnowledgeBase/FreeBSD/FirewallRedirect

Recompile your kernel and add:
<code>
options IPFIREWALL_FORWARD
</code>

Add the following rule to the kernel ipfw table:
<code>
add 60 forward 127.0.0.2 ip from not table(1) to not 172.16.45.0/24 via vr0 in
</code>

Replace 'table(1)' with your desired authorized list table.<br>
Replace '172.16.45.0/24' with your LAN's private subnet.<br>
Replace 'vr0' with the adapter connected to your LAN's private subnet.<br>

All 'authorized' IP addresses go into table 1:
<code>
ipfw table 1 add 172.16.45.9/32
</code>

Replace '172.16.45.9/32' with the desired IP address.

To handle the Apache Nyah message without messing with your current config:
* Instruct Apache to listen on 127.0.0.2
* Set up an IP-based virtual host, whose 404 and 200 status messages are both the desired message, cuz you'll be getting a lot of strange URL requests.
<code>
<VirtualHost 127.0.0.2:80 >
  ErrorDocument 404 "j00 R t3h suxx0r!"
  ErrorDocument 200 "j00 R t3h suxx0r!"
</VirtualHost>
</code>
...or something like that.