I like to use Firestarter
or an rc.firewall
script for a frontend to iptables, mostly because I'm used to them.
In rc.firewall, you use a PERMIT statement. For example:
PERMIT="[network or computer ip address]/[netmask]:[port/port range]/[protocol]"
This is part of the PERMIT that open my file server to tcp from other computers in my local network.
The rc.firewall script is usually heavily annotated, but the Firestarter GUI is friendlier, lots friendlier.