[X-Unix] custom ipfw setup

David Haines haines.d at comcast.net
Tue Apr 26 14:48:51 PDT 2005


Unit is running 10.3.9 OS X Client.

I'm trying to add custom rules to ipfw, and while I can easily do so during
a current session, the new rules are not persistent across restarts.

I have created a folder, Firewall, in /Library/StartupItems.
The listing (re permissions) is:
-rwxr-xr-x  1 root  admin   71 26 Apr 16:06 Firewall
-rwxr-xr-x  1 root  admin  211 26 Apr 16:22 StartupParameters.plist

Firewall is as follows:

#!/bin/sh
/sbin/ipfw add deny tcp from any to any 80 out setup via en0

and StartupParameters.plist is as follows:

{
Description = ("Firewall");
Provides = ("Firewall");
Requires = ("Portmap","Resolver");
OrderPreference = "Late";
Messages =
     {
     Start = "Starting Firewall";
     Stop = "Stopping Firewall";
     };
}

I also tried OrderPreference ="None";

but that doesn't work either.
Some at macosxhints.com say go with Requires = ("Super Server");
whatever that really in fact is.

The point is, after a restart, the rule is not active.
Port 80 here is just for testing.

I can manually invoke the item with:

sudo SystemStarter start "Firewall"

and it works!

So... what in the OS X startup process is blowing this out?

The client GUI/System Preference pane is not set to run the client
hacked/hobbled/compromised firewall.




