Go and grab a copy of gShield - only 47kb and has a very easy to understand config (gShield.conf) file which sets up iptables for you .... when installed it usually lives at /etc/firewall/gShield.rc...