iptables and hardware router
 

I'm setting up a server (rh7.3) which will have an ftp/web server and act as a pdc for my lan. I have a netgear ro318 router which will forward http and ftp requests to my server. I will be installing as little as possible and will use the latest patches.

I was hacked (rootkit) using telnet/wu-ftp a while back and will setting up ssh and proftp.

My question is, do iptables have any value if I'm using an NAT router that blocks all ports except my web/ftp/telnet?

Is ssh and proftp a good solution?
I will not allowing anonymous ftp.

Thanks.

Ssh is good if you're using current version and apply patches. Proftpd is OK (but upgrades etc, the same as with ssh).
I'd install iptables. Mostly to protect agains attacks from inside your network.