First of all you should review your firewall's default input chain policy and change it to DROP (/etc/shorewall/policy). Then make rules allowing only for established connections you make out back in and add rules to open up the ports necessary (/etc/shorewall/rules) for services you want the rest of the world (or some IP ranges, or some IP addresses) to have access to. Looking at your portlist I see you're running RPC services, unprotected X11, Webmin, sshd, printer services, smtp, httpd, and bootpc. Make sure for each of them you want to open them up to the internet.
DROP vs REJECT: http://logi.cc/linux/reject_or_deny.php3,
Iptables Tutorial 1.1.17: http://iptables-tutorial.frozentux.n...-tutorial.html
and of course the iptables part of the 1st thread in this forum.
Btw, I'll edit out your domain socket stuff, we needn't see that.