This is a good firewall if you like to use X stuff. as in XFree, Orobor and Fink. And if you want to be very anal about security. The logging is very good. Thus, you can set the default to block everything and slowly open up more ports and allow more IP addresses to access your machine, and enable more programs to use the internet as needed. This is a really time consuming process, but if you have a lot of pressure to keep your network secure, this is not a bad way;
You basically allow IP address to access port blank and that is it.
You allow program Y to access IP address Blank and only Blank to check for updates.
It also comes with a less secure preconfigure for the average user, but it would not allow your computer to act as a xerver for XWindow applications, and so on.
Still, I think this is a cut above command-line UNIX tinkering with the native firewall.
Also, the ability to creat rules from the log speeds up the configuration.
Firewalk X 2 seems to cause a lot of kernel panics, but the most recent update promises to fix this.