I'm replacing my current ipchains-based firewall, which serves a small internal LAN of 3 machines, with one that runs iptables/netfilter.
Since I offer no services (yet), the goal is to make this IP address invisible to port scans and other grotesques from the internet, while interfering as little as possible with a variety of protocols that the internal machines need (ICQ/AIM/MSN/Yahoo, IRC, FTP, HTTP, POP3 etc.). So, I created a new Woody installation on a 486/66 DX2 with 24MB of RAM and 1GB of hard drive space, separated into various partitions to avoid overflowing logs and such. Then I applied the objectives outlined in Securing Debian [http://debian.org/doc/manuals/securing-debian-how-to/]. Next I compiled a custom kernel that has all the appropriate modules hard-coded, to avoid the additional security risk of loadable modules. Now I'm ready to actually create the ruleset (or chains, whatever they are called) for the firewall. I understand the basic concepts behind iptables/netfilter, but frankly, there are so many variables that I've decided to start out with a pre-made firewall script, as I did with ipchains. I would like some input as to which script(s) the reader considers the most secure vs. ease of use. The one I'm leaning towards is Monmotha's [http://monmotha.mplug.org/firewall/firewall/2.3/rc.firewall-2.3.8-pre4].
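A minimal stateful iptables ruleset for the setup described above, added here as an illustration (it is neither the poster's script nor Monmotha's): default-drop policies so unsolicited probes get no reply, connection tracking so replies and FTP data channels come back in, anti-spoofing, rate-limited logging, and masquerading for the LAN. The interface names eth0/eth1 and the 192.168.1.0/24 LAN range are assumptions; run with `IPT=echo` to preview the rules without applying them.

```shell
#!/bin/sh
# Example stateful firewall for a small LAN behind one public address.
# Assumed layout (placeholders): eth0 faces the internet, eth1 faces the LAN.
# Needs ip_conntrack, ipt_state, ipt_LOG, ipt_limit, ipt_MASQUERADE and the
# ip_conntrack_ftp/ip_nat_ftp helpers compiled in (as the post's kernel does).

IPT=${IPT:-/sbin/iptables}     # IPT=echo prints the rules instead of loading them
EXT_IF=${EXT_IF:-eth0}
INT_IF=${INT_IF:-eth1}
LAN_NET=${LAN_NET:-192.168.1.0/24}

apply_rules() {
    # Start clean and deny by default: anything not explicitly allowed is
    # silently dropped, so scanners see no RST or ICMP unreachable.
    $IPT -F
    $IPT -t nat -F
    $IPT -X
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT ACCEPT

    # The firewall itself only listens to loopback and the trusted LAN side.
    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A INPUT -i "$INT_IF" -s "$LAN_NET" -j ACCEPT

    # Anti-spoofing: LAN source addresses never arrive from the internet.
    $IPT -A INPUT -i "$EXT_IF" -s "$LAN_NET" -j DROP
    $IPT -A FORWARD -i "$EXT_IF" -s "$LAN_NET" -j DROP

    # Stateful core: replies to connections the inside opened are allowed back;
    # RELATED covers FTP data channels via the conntrack helper.
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # New connections may only originate from the LAN and go outward.
    $IPT -A FORWARD -i "$INT_IF" -o "$EXT_IF" -s "$LAN_NET" -m state --state NEW -j ACCEPT

    # Log what is dropped, rate-limited so the log partition cannot be flooded.
    $IPT -A INPUT -i "$EXT_IF" -m limit --limit 5/min -j LOG --log-prefix "FW-DROP-IN: "
    $IPT -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "FW-DROP-FWD: "

    # Hide the LAN behind the firewall's public address.
    # Also set /proc/sys/net/ipv4/ip_forward to 1 (left out so preview mode has no side effects).
    $IPT -t nat -A POSTROUTING -o "$EXT_IF" -s "$LAN_NET" -j MASQUERADE
}

if [ "${1:-}" = "apply" ]; then apply_rules; fi
```

Invoke as `sh rc.firewall apply` from an init script once the interfaces are up.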

