[CLUE-Tech] Firewall

[Chris]

Hey guys I was wondering if you could help me out.  I'm trying to set up a
firewall for the first time.  Just something simple.  Here is what I have so
far.

============================================================================
=============
/sbin/modprobe iptable_nat

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -N block
iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A block -m state --state NEW -i ! eth0 -j ACCEPT
iptables -A block -j DROP

iptables -A INPUT -j block
iptables -A FORWARD -j block
iptables -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit
1/s -j ACCEPT
iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j
ACCEPT
============================================================================
==============

the interface that the world sees is eth0
the interface that ny lan sees is eth1

Does everything look ok so far?

With this set up, I am unable to ssh to my machine from work.  How can I
allow certain ip's to connect, and how can I let certain services pass
through.  I want to let two ips pass connect.
Also say if i want to make a change to entry for nat.  How do I reload it
without having to reboot?
Any ideas?  Thanks.