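# rlphy0  -- stray fragment found ahead of the listing; kept as found,
#            apparently not part of any of the scripts below

# ============================ sysctrl.sh ============================
# Runtime kernel tuning and network hardening through sysctl.
# Values written with `sysctl -w` are lost at reboot, so this script has
# to run on every boot (or the values be carried in /etc/sysctl.conf).

#Upgrade kernel
# NOTE(review): presumably some OIDs below (drop_synfin, for one) exist
# only when the kernel was built with the matching option -- confirm for
# the target release, since sysctl reports an unknown OID as an error.

# TCP: drop segments carrying both SYN and FIN, enable RFC 1323 window
# scaling/timestamps, turn off delayed ACKs.
sysctl -w net.inet.tcp.drop_synfin=1
sysctl -w net.inet.tcp.rfc1323=1
sysctl -w net.inet.tcp.delayed_ack=0

# Default socket buffer and datagram sizes for TCP and UDP.
sysctl -w net.inet.tcp.sendspace=65535
sysctl -w net.inet.tcp.recvspace=65535
sysctl -w net.inet.udp.recvspace=65535
sysctl -w net.inet.udp.maxdgram=65535

# Proxy ARP for every address this host can route to.
# NOTE(review): this makes the gateway answer ARP on behalf of other
# hosts; on a shared segment that can pull traffic through this box that
# was never meant for it. Confirm it is needed for the NAT/proxy setup.
sysctl -w net.link.ether.inet.proxyall=1

# Default buffer sizes for local (UNIX-domain) sockets.
sysctl -w net.local.stream.recvspace=65535
sysctl -w net.local.stream.sendspace=65535
sysctl -w net.local.dgram.maxdgram=65535
sysctl -w net.local.dgram.recvspace=65535

# Upper bound of the default ephemeral port range.
sysctl -w net.inet.ip.portrange.last=30000

# NOTE(review): the listing was collapsed onto one line, so it cannot be
# told whether the bare '#' here (and before kern.ps_showallprocs) was a
# separator line or commented the next setting out. Commented-out code
# elsewhere in this listing is written without a space after '#', so the
# '#' is read as a separator and the settings are kept active.
#
# Blackhole mode: closed TCP ports send no RST and closed UDP ports send
# no ICMP port-unreachable. This slows port scans but filters nothing;
# it complements the firewall rules rather than replacing them.
sysctl -w net.inet.tcp.blackhole=2
sysctl -w net.inet.udp.blackhole=1

# Route-cache expiry timers (seconds), set very short.
sysctl -w net.inet.ip.rtexpire=2
sysctl -w net.inet.ip.rtminexpire=2
#
# Unprivileged users see only their own processes in ps.
sysctl -w kern.ps_showallprocs=0

# Resource ceilings: largest socket buffer, listen backlog, open files
# system-wide and per process.
sysctl -w kern.ipc.maxsockbuf=2097152
sysctl -w kern.ipc.somaxconn=1024
sysctl -w kern.maxfiles=32768
sysctl -w kern.maxfilesperproc=16424

# ============================= squid.sh =============================
#!/bin/sh
# rc.d start/stop wrapper for squid.
# Usage: squid.sh {start|stop}
# PREFIX is derived from the script's own absolute path, which must have
# the form <PREFIX>/etc/rc.d/<script name>; anything else is refused.

if ! PREFIX=$(expr "$0" : "\(/.*\)/etc/rc\.d/$(basename "$0")\$"); then
  echo "$0: Cannot determine the PREFIX" >&2
  exit 1
fi

case "$1" in
start)
  # Start only when both the binary and its configuration are present.
  if [ -x "${PREFIX}/sbin/squid" ] && [ -f "${PREFIX}/etc/squid/squid.conf" ]; then
    (
      # Do not launch squid from an unintended working directory when the
      # log directory is missing; cd's own error message goes to stderr.
      cd "/${PREFIX}/squid/logs" || exit 1
      "${PREFIX}/sbin/squid" >/dev/null 2>&1 &
    )
    printf ' squid'
  fi
  ;;
stop)
  "${PREFIX}/sbin/squid" -k shutdown 2>&1
  # Uncomment this if you'd like the system to (attempt to
  # wait for) squid to shut down cleanly
  #echo "Sleeping for 45 seconds to allow squid to shutdown.."
  #sleep 45
  ;;
*)
  echo "Usage: $(basename "$0") {start|stop}" >&2
  ;;
esac

# Always report success, including for an unknown argument, so that a
# caller running every rc.d script in turn is never aborted by this one.
exit 0

# ============================== ipfw.sh =============================
#!/bin/sh
# Loads the ipfw ruleset for the NAT gateway / transparent-proxy host.
# Rules are added without explicit numbers, so they are evaluated in the
# order written here and the first matching rule decides.

# Start from an empty ruleset.
# NOTE(review): between this flush and the final `add`, only the kernel's
# default rule is in force. If that default is deny, running the script
# over a remote login can cut the session before the rules are back; run
# it from the console or detached from the terminal.
ipfw -f flush
ipfw -f pipe flush

# Local
# Hand everything crossing xl0 to natd for address translation.
ipfw add divert natd all from any to any via xl0

# Loopback: accept on lo0, drop 127/8 addresses seen anywhere else
# (such packets are spoofed).
ipfw add allow ip from any to any via lo0
ipfw add deny ip from any to 127.0.0.0/8
ipfw add deny ip from 127.0.0.0/8 to any

# Deny-list of individual ports.
# NOTE(review): 31137 looks like it may be a transposition of 31337 --
# confirm the intended port. A deny-list in front of a default-allow
# policy only covers the ports named here.
ipfw add deny tcp from any to any 79,137,139,31137,666,27374,1025,37337
ipfw add deny udp from any to any 666,1025,137,135

# Transparent proxy: port-80 TCP seen on rl0 goes to 192.168.0.110:8080.
# NOTE(review): the rule names neither a direction nor a source to
# exclude. If the proxy's own outbound requests also cross rl0 they match
# this rule and are handed straight back to the proxy -- confirm the
# topology, or exclude the proxy's address and match inbound only.
ipfw add fwd 192.168.0.110,8080 tcp from any to any 80 via rl0

# FTP/SSH/telnet to this host from 202.154.190.0/24.
# NOTE(review): as written this rule restricts nothing. No earlier rule
# denies these ports to other sources and the last rule accepts
# everything, so 21, 22 and 23 are reachable from anywhere. If the intent
# is to limit management access to this network, a deny for those ports
# from all other sources has to come before the final allow. FTP and
# telnet also carry credentials in cleartext.
ipfw add allow tcp from 202.154.190.0/24 to me 21,22,23

# Traffic shaping for 192.168.0.2, disabled.
#ipfw pipe 1 config bw 64Kbit/s queue 10Kbytes
#ipfw pipe 2 config bw 64Kbit/s queue 10Kbytes
#ipfw add pipe 1 ip from 192.168.0.2 to any via any out
#ipfw add pipe 2 ip from any to 192.168.0.2 via any in

# Default-allow: whatever was not denied above is accepted, including
# every service listening on this host.
# NOTE(review): a gateway is normally better served by explicit allows
# followed by a final deny; changing that needs the full list of required
# services, so the policy is left as the author wrote it.
ipfw add allow all from any to any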