1) Read iptables man page
[code]man iptables
2) Read some docs at iptables website
3) Try to write a ruleset (a script is good); if you don't feel it's working, or are not sure what to do exactly, post here what you did so far and we'll help you further. Firewall is an important thing to know how it works, so it's definitely worth it doing it yourself, as that way you'll learn the most. The web is probably full of ready iptables scripts, but if you want to know for sure what your configuration does, you'll need to do it yourself (and it is not that difficult really; just read the manpages and pay attention to the examples at any docs).
Typically what you do is first "clean" the rules (flush all chains, then delete all non-builtin chains), then set default policies for the chains (if you need, create your own chains) to disallow (drop) any traffic not specially allowed, and then make the "exception" rules for what you need. What you need to know is the ip addresses (static, if you use them in the script!) you'll be using in your rules, if any, ports used by the services you want to allow and most importantly what you want to do: drawing a picture on paper won't harm you. It helps sorting it out.
You'll probably begin with something like
Code:
IPT=/sbin/iptables
$IPT -F
$IPT -X
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT DROP
# ...
# rules for exceptions..
# ...
The rest depends on what you come up with exactly - port numbers and such, maybe connection tracking (like '$IPT -P INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT' in some scripts) and so on.
