Subject: Using ipfw
To: None <tech-security@NetBSD.ORG>
From: Mark Yovorsky <myov@vex.net>
List: tech-security
Date: 12/31/2001 17:53:21

I'm not sure if this is the right place for this, but I didn't see
another list for firewalls.

I'm in the process of moving my firewall from ipchains on a Linux 
machine to ipfw on a NetBSD machine.

In my ipchains firewall, when I block a host completely, I add it to a
custom "banned" chain (which then DENYs the IP), rather than using a
DENY rule. I do this so that I can tell what was blocked - the specific
port or the entire IP.

Is there a way to do this in ipfw (create custom firewall targets)?