By no means am I a netfilter/iptables hacker, but my setup can be found here:
http://www.nathanvalentine.org/nrvwall.tar.gz
I believe that the ruleset is pretty tight and I have tried to make sure that it is reasonably well documented. I am somewhat hesitant to publish my ruleset as I don't want anyone to construe my statement that this is 'pretty tight' as an invitation to break into my machines, but perhaps someone will spot something that could be improved and let me know. Enjoy.