hi guys n gals i have a problem here, currently at college and missed a few weeks through illness, managed to catch up but got stuck at a firewall question. this is what i have to do.
produce a report containing an iptable firewall definition for a system requiring the following features:
Full egress and ingress filtering (i.e. defaults are all REJECT)
The machine has only one network connection, eth0.
The machine runs ssh, telnet, apache, and qmail.
It should be able to surf the web, send email, and make DNS lookups.
The apache user should not be allowed to surf the web
You should make the rest of the rules as security focused (and sensible) as possible.
got about 3 weeks worth of lectures in a 2 hour catch up so really confused with this one.
any help appreciated
Catch up on the latest ULNG Announcements at our 
right guys this is what i have so far so if anybody can point me in the right direction saying wether i am right or wrong.
iptables –F INPUT
iptables –F OUTPUT
iptables –F FORWARD `
# -F flushes the tables, no rules set
iptables –P INPUT REJECT
iptables –P OUTPUT REJECT
iptables –P FORWARD REJECT
# -P sets the policy, REJECT deletes packets and terminates, however sends back an #ICMP message to sender (shows info about firewall ruleset)
iptables –A INPUT –p --sport 22 –j ACCEPT
iptables –A INPUT –p --sport 23 –j ACCEPT
iptables –A INPUT –p tcp --sport http –j ACCEPT
iptables –A INPUT –p tcp --sport smtp –j ACCEPT
iptables –A INPUT -p udp --sport ns_addr –j ACCEPT
#assuming DNS nameserver is ns_addr
iptables –A OUTPUT state --state NEW –p tcp --sport 80 –m owner –uid-owner=apache –j DROP
any help is appreciated