Host, router, bridge configuration

On a host, we only need to intercept up/down traffic
ipfw add 100 pipe 1 ip from any to any in
ipfw add 100 pipe 2 ip from any to any out

On a router, we deal with through traffic as well (make sure we do not match traffic twice)
ipfw add pipe 3 ... in

Same on a bridge (watch out for multicast traffic)
ipfw add 100 pipe 4 ... bridged