Oh, it's not a bad idea to have different tables for different purposes - a whitelist and a blacklist, for example. The syntax I'd use in your example is ipfw add 05000 deny log ip from table\(2\) to any and probably ipfw add 05000 deny log ip from table\(2\) to any in recv $interface