# put it to /etc/firewall.user

# study how other firewall.user scripts work and put here rules that work for you