I do not think that "panic" behavior is expected on stop. Stop semantics are designed to disable service, but not to kill network. In the worst case, it may lead to not responsive remote server.
Instead, my proposal is to start FireHOL before $network and stop after $network. I do not consider dynamic services like NFS server a priority. It is a more rare case. Admin should decide to either configure static ports or manually restart FireHOL from rc.local or custom init script. Please consider merging this change: https://github.com/codingfuture/deb-firehol/commit/d485e6fc8a5dc50cdacbeac3279429692623a900 (fork of Debian package) Binary package can be tested from: https://launchpad.net/~andvgal/+archive/ubuntu/firehol-bpo/+packages Note: by lintian requirements, firehol needs to live in /sbin not to depend on /usr.