LinuxQuestions.org > Linux - Security > problem with my first firewall....
(https://www.linuxquestions.org/questions/linux-security-4/problem-with-my-first-firewall-365230/)

andra 09-20-2005 09:44 AM

problem with my first firewall....
 
I want to make my first firewall :))

What's wrong? Because when I run it, the internet connection goes down (sorry for my English).

#!/bin/sh

modprobe ip_tables
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
modprobe ip_conntrack_irc
modprobe ip_nat_irc

iptables=/usr/sbin/iptables

$iptables -P INPUT DROP
$iptables -P OUTPUT DROP
$iptables -P FORWARD DROP

$iptables -F INPUT
$iptables -F OUTPUT
$iptables -F FORWARD

$iptables -A INPUT -i lo -j ACCEPT
$iptables -A OUTPUT -o lo -j ACCEPT

#$iptables -A INPUT -i eth1 -s 192.168.0.1/24 -j ACCEPT

$iptables -A INPUT -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT

$iptables -A INPUT -p TCP -i eth0 -s 0/0 --destination-port 22 -j ACCEPT
$iptables -A INPUT -p TCP -i eth0 -s 0/0 --destination-port 80 -j ACCEPT
$iptables -A INPUT -p TCP -i eth0 -s 0/0 --destination-port 21 -j ACCEPT
$iptables -A INPUT -p TCP -i eth0 -s 0/0 --destination-port 53 -j ACCEPT

$iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

$iptables -A INPUT -p TCP ! --syn -m state --state NEW -j LOG --log-prefix "Possible syn scan"
$iptables -A INPUT -p TCP ! --syn -m state --state NEW -j DROP

thanks

Matir 09-20-2005 10:04 AM

Is this supposed to be a firewall for just a single PC, or for a network?

If for a network, you're not allowing any connections on the FORWARD chain, so no packets will be permitted from the LAN to the NET.

andra 09-20-2005 10:06 AM

Quote:

Originally posted by Matir
Is this supposed to be a firewall for just a single PC, or for a network?

If for a network, you're not allowing any connections on the FORWARD chain, so no packets will be permitted from the LAN to the NET.

first for single PC ... then for a network...

Matir 09-20-2005 10:08 AM

Well, for a network, it's horribly lacking.

For local, you're not ACCEPTing any (initial) packets on the OUTPUT chain. You'll need to allow outbound traffic to get any response back. :)

andra 09-20-2005 10:14 AM

...

andra 09-20-2005 10:15 AM

Quote:

Originally posted by Matir
Well, for a network, it's horribly lacking.

For local, you're not ACCEPTing any (initial) packets on the OUTPUT chain. You'll need to allow outbound traffic to get any response back. :)

hm... ok
Can you give me a firewall? For a single PC, and then I will learn :) how to make it for a network.

Matir 09-20-2005 10:17 AM

Assuming no services are being run, and I'm only trying to protect against external attacks, I would do something like:
Code:

#!/bin/bash

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Suit to taste. :)
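To make the failure concrete, here is an added model (not code from the thread) of how the two OUTPUT chains above evaluate the first packet of a new outbound connection; the rule and packet structures are simplified stand-ins for netfilter. It also shows a second gap in andra's INPUT chain: the ESTABLISHED,RELATED rule is limited to -p TCP, so UDP replies (for example to DNS lookups) fall through to the DROP policy as well.

```python
"""Small model of how iptables walks a filter chain, constructed for this
thread to show why andra's script kills the connection: the first packet
of any new outbound connection is in state NEW, matches nothing in OUTPUT,
and falls through to the DROP policy. It does not touch netfilter; the rule
and packet structures are simplified stand-ins."""

def rule(target, iface=None, proto=None, states=None, dport=None):
    """Build a (match, target) pair; None means 'any' for that field."""
    def match(pkt):
        return ((iface is None or pkt["iface"] == iface)
                and (proto is None or pkt["proto"] == proto)
                and (states is None or pkt["state"] in states)
                and (dport is None or pkt.get("dport") == dport))
    return (match, target)

def walk(chain, policy, pkt):
    """First matching rule with a terminating target decides; else the policy."""
    for match, target in chain:
        if match(pkt) and target in ("ACCEPT", "DROP"):
            return target
    return policy

# andra's OUTPUT chain: policy DROP, loopback, then only ESTABLISHED/RELATED.
ANDRA_OUTPUT = ("DROP", [rule("ACCEPT", iface="lo"),
                         rule("ACCEPT", states={"ESTABLISHED", "RELATED"})])
# Matir's suggestion: policy ACCEPT and no OUTPUT rules at all.
MATIR_OUTPUT = ("ACCEPT", [])
# andra's INPUT chain, reduced to the rules that matter for replies.
ANDRA_INPUT = ("DROP", [rule("ACCEPT", iface="lo"),
                        rule("ACCEPT", proto="TCP",
                             states={"ESTABLISHED", "RELATED"})])

def outbound_syn(output_chain):
    """Verdict for the SYN that starts a new outbound HTTP connection on eth0."""
    policy, rules = output_chain
    pkt = {"iface": "eth0", "proto": "TCP", "state": "NEW", "dport": 80}
    return walk(rules, policy, pkt)

def inbound_reply(proto):
    """Verdict on andra's INPUT chain for a reply to a connection we opened."""
    policy, rules = ANDRA_INPUT
    pkt = {"iface": "eth0", "proto": proto, "state": "ESTABLISHED"}
    return walk(rules, policy, pkt)

if __name__ == "__main__":
    print("andra OUTPUT, new SYN :", outbound_syn(ANDRA_OUTPUT))   # DROP
    print("Matir OUTPUT, new SYN :", outbound_syn(MATIR_OUTPUT))   # ACCEPT
    print("andra INPUT, TCP reply:", inbound_reply("TCP"))          # ACCEPT
    print("andra INPUT, UDP reply:", inbound_reply("UDP"))          # DROP
```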
