I tried this ruleset and it cutoff access to the other macs via AppleShare on my LAN. Watching the log I could see it was the last two rules. I had to disable these two rules to get access again.

#################################################
## * * * Default Filter Policies * * *
#################################################
## Allow All Outgoing Services
#add 52009 allow all from any to any keep-state out

## Deny All Incoming Services
#add 52010 drop log all from any to any

Disabled those and my AppleShare worked again. Thats not right is it? Also followed the directions for setting up a StartupItem but it never startsup.

Few more questions:

* I like to use LittleSnitch to notify me of outgoing connections and create rules - will using this IPFW method affect LittleSnitch

* I would like to send the firewall log info to a seperate firewall.log so I followed instructions listed here and added this to my syslog.conf

authpriv,remoteauth,ftp.none;kern.debug /var/log/firewall.log

but it doesn't seem to be loggin any info to firewall.log. How can I set this up to log to a seperate firewall.log.

* how do I fix the AppleShare problem, noted above

Instead of removing the blanket rules, you should figure out what port your network needs to be allowed on and then add a rule allowing that port access. I don't use appleshare, so my rules probably don't allow for the traffic.