I have RTFM and am dizzy and frustrated. i also read over examples of config files and while helpfull, they are just not what im looking for or each one uses different scripting and confuses me further. anyway this is what i want to do.
i have a linksys router connected for cable modem, so it does nat and firewalling. i just want to add another layer of security on my server just in case. meaning i do not need masquerading in iptables.

i want to block everything from the internet (in case it gets passed linky),

be totally open to internal network which has both win and linix boxes, ssh web etc.

allow http, later ftp and possibly vpn from internet to this server.(i know i already need to forward through linky which is a no issue)

basically i really want to lock down this box!

any input would be great. im not asking for you to write this for me just some guidance. even if you can recommend a book etc. the whole point of me going to linux is to learn. so im willing! everyone has thier own school of thought and i dont know which one to follow..anyway thanks for any insight

http://www.technoslave.net/other/iptables.txt

That is my basic setup for iptables. It's an init script that I have run in level 3 and 5. You'll probably only want to look at the first 146 lines or so, as after that it deals with NAT and the masquerading that you don't want to deal with. Basically, what you're looking for is to DROP everything first, then only allow things through that you want to go through.