netfilter (iptables, kernel 2.4) or ipchains (kernel 2.2)?

If you are using ipchains, check out http://plonk.sourceforge.net/ It's a
good script for setting up a decent firewall and masq box. There is a aplha
script from IPTables as well. 

I'm no expert, but I'd do something like deny all incoming connections on
the external interface, then allow each service. Then allow forwarding of
everything from the internal to the external. The script above will do a
decent job of getting you up and running in no time.

-- 
| Andrew S. Zbikowski       | Home: 763.591.0977 |
| http://www.ringworld.org  | Work: 763.428.9119 |
| http://www.itouthouse.com | PCS:  612.306.6055 |
|   This message is protected by double ROT13    | 
|   encryption. Any attempt to circumvent the    |
|   digital protection is banned by the DMCA.    |
-------------- next part --------------
A non-text attachment was scrubbed...
Name: andyzib.vcf
Type: text/x-vcard
Size: 2265 bytes
Desc: Card for Andy Zbikowski (Zibby)
Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010520/5a6ab415/andyzib.vcf