IPFW, the software supplied with FreeBSD, is a packet
filtering and accounting system which resides in the kernel, and has a
user-land control utility, ipfw(8). Together, they
allow you to define and query the rules currently used by the kernel
in its routing decisions.
There are two related parts to IPFW. The firewall section
allows you to perform packet filtering. There is also an IP accounting
section which allows you to track usage of your router, based on
similar rules to the firewall section. This allows you to see (for
example) how much traffic your router is getting from a certain
machine, or how much WWW (World Wide Web) traffic it is forwarding.
As a result of the way that IPFW is designed, you can use
IPFW on non-router machines to perform packet filtering on
incoming and outgoing connections. This is a special case of the more
general use of IPFW, and the same commands and techniques
should be used in this situation.