phoenix is correct, I ran into the same problem myself and was quite annoyed to find that this 'hidden' rule wasn't mentioned by quite a few different resources. You can either follow the steps that phoenix has given or if you are loading ipfw via kldload you should use the following
Code:
kldload ipfw && ipfw -q add 65000 allow all from any to any
You can also add the following to your /etc/rc.conf
Code:
firewall_enable="YES"
firewall_type="open"
which will load ipfw when the system boots up and also stop it from defaulting to block all.