I am new to iptables and am having a little trouble figuring them out. Using Iptables I am trying to implement the following policy: im trying to permit all outgoing connections, permit incoming ICMP, permit incoming ssh, permit incoming finger connections ,and reject all other packets. How can I do this?
I have concluded so far that for permitting incoming ssh and permitting finger connections my table would look like this but as far as finding out the ports for ICMP and implementing the policy im lost!!:

direction protocols source port destination port


OUTGOING TCP >1023 22

INCOMING TCP 22 >1023

OUTGOING TCP >1023 79

INCOMING TCP 79 >1023

EITHER Any Any Any

Thanks,
Thomas

It would go like:This assumes that by "ICMP" you meant ICMP type 8 (echo request, a.k.a. "ping").

I'll just add a couple of comments about definitions (just in case they cause confusion later)....

A policy is essentially a default. In other words, its the rule that gets matched by packets that don't match any of the explicit rules. So it is usually something like drop or reject.

(The more secure approach is generally felt to be:

rule 1: if it is this kind of packet, do this
.
.
rule n: .
everything else, forget about

but you could, if you were careful, do:

rule 1: if it is this bad thing, forget about it
.
.
rule n:
everything else, accept

the first system has a policy of forgetting about packets that come its way and the second of accepting. You'd have to be very careful about the second and it is not generally advisable.)

Secondly, you refer to rejecting. Its a close decision in some cases, but most people, most of the time, prefer to drop undesired/unsolicited packets. Reject sends an error message and that error message may be useful to someone trying to hack your system, in that it acts as confirmation that someone is there. (Mind you, if you are responding to ping packets, you are already telling the world that you exist, if they ask.)