07-13-2007, 11:46 PM
I was just wondering if anyone would have any good, constructive criticism for this firewall that I'm currently using. : )
Action      Condition
Log packet  Always
Accept      If protocol is TCP and TCP flags ACK (of ACK) are set
Accept      If state of connection is ESTABLISHED
Accept      If state of connection is RELATED
Accept      If source is localhost and state of connection is NEW
Accept      If protocol is UDP and destination port is 1024:65535 and source port is 53
Accept      If protocol is ICMP and ICMP type is echo-reply
Accept      If protocol is ICMP and ICMP type is echo-request
Accept      If protocol is ICMP and ICMP type is destination-unreachable
Accept      If protocol is ICMP and ICMP type is source-quench
Accept      If protocol is ICMP and ICMP type is time-exceeded
Accept      If protocol is ICMP and ICMP type is parameter-problem
Accept      If protocol is TCP and destination port is ssh
Accept      If protocol is TCP and destination port is auth
Accept      If protocol is TCP and destination port is 10000
Accept      If protocol is TCP and destination port is 20:21
Accept      If protocol is TCP and destination port is 80
Accept      If protocol is TCP and destination port is 27000:29000
Accept      If protocol is UDP and destination port is 27000:29000
Reject      Always
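Added example, not part of the original post and not code from Webmin or iptables: a small first-match evaluator that models the posted chain in Python so its ordering can be checked offline. It assumes first-match semantics with LOG as a non-terminating target, the service names ssh = 22 and auth = 113, and a stateful firewall (the chain itself uses ESTABLISHED/RELATED, so connection tracking is in play). The packets and the 198.51.100.7 source address are constructed samples. The point it demonstrates is a review comment on the rule set: the rule accepting any TCP segment with ACK set, and the rule accepting any UDP datagram from source port 53, both sit before the per-port rules and match regardless of connection state, so the port allowlist only governs packets those two rules do not catch. Because the ESTABLISHED/RELATED rules already admit return traffic (TCP replies and DNS answers), a chain without those two shortcuts applies the allowlist to every unsolicited packet.

```python
# Constructed example: first-match evaluator for the posted rule chain.
# Port names assumed: ssh = 22, auth = 113. Source address is a TEST-NET-2 sample.
from dataclasses import dataclass
from typing import Callable


@dataclass(frozen=True)
class Packet:
    proto: str                    # "tcp", "udp" or "icmp"
    state: str = "NEW"            # conntrack state: NEW, ESTABLISHED or RELATED
    src: str = "198.51.100.7"     # constructed sample source address
    dport: int = 0
    sport: int = 0
    ack: bool = False             # TCP ACK flag set
    icmp_type: str = ""


Rule = tuple[str, Callable[[Packet], bool], str]   # (name, match, action)


def in_range(v: int, lo: int, hi: int) -> bool:
    return lo <= v <= hi


ICMP_OK = {"echo-reply", "echo-request", "destination-unreachable",
           "source-quench", "time-exceeded", "parameter-problem"}
TCP_PORTS = [(22, 22), (113, 113), (10000, 10000), (20, 21), (80, 80), (27000, 29000)]

# The chain as posted, in order. LOG matches everything but does not terminate.
POSTED_CHAIN: list[Rule] = [
    ("log", lambda p: True, "LOG"),
    ("tcp-ack", lambda p: p.proto == "tcp" and p.ack, "ACCEPT"),
    ("established", lambda p: p.state == "ESTABLISHED", "ACCEPT"),
    ("related", lambda p: p.state == "RELATED", "ACCEPT"),
    ("localhost-new", lambda p: p.src == "127.0.0.1" and p.state == "NEW", "ACCEPT"),
    ("dns-reply", lambda p: p.proto == "udp" and p.sport == 53
                            and in_range(p.dport, 1024, 65535), "ACCEPT"),
    ("icmp", lambda p: p.proto == "icmp" and p.icmp_type in ICMP_OK, "ACCEPT"),
] + [
    # Default arguments bind lo/hi per rule; a bare closure would see the last pair only.
    (f"tcp-{lo}-{hi}",
     lambda p, lo=lo, hi=hi: p.proto == "tcp" and in_range(p.dport, lo, hi),
     "ACCEPT")
    for lo, hi in TCP_PORTS
] + [
    ("udp-27000-29000", lambda p: p.proto == "udp" and in_range(p.dport, 27000, 29000), "ACCEPT"),
    ("default", lambda p: True, "REJECT"),
]

# Same chain without the two stateless shortcuts: conntrack's ESTABLISHED/RELATED
# rules already admit TCP replies and DNS answers to connections this host opened.
STATEFUL_CHAIN: list[Rule] = [r for r in POSTED_CHAIN if r[0] not in ("tcp-ack", "dns-reply")]


def evaluate(chain: list[Rule], pkt: Packet) -> tuple[str, str]:
    """Return (action, rule_name) of the first terminating rule that matches."""
    for name, match, action in chain:
        if action != "LOG" and match(pkt):
            return action, name
    raise RuntimeError("chain has no terminating rule")


def compare(pkt: Packet) -> tuple[str, str]:
    """Verdict of the posted chain next to the verdict of the stateful-only chain."""
    return evaluate(POSTED_CHAIN, pkt)[0], evaluate(STATEFUL_CHAIN, pkt)[0]


if __name__ == "__main__":
    samples = {
        "new SYN to ssh": Packet("tcp", dport=22),
        "reply to a connection this host opened": Packet("tcp", state="ESTABLISHED",
                                                          sport=443, dport=40000, ack=True),
        "unsolicited ACK-flagged segment to port 3306": Packet("tcp", dport=3306, ack=True),
        "unsolicited UDP from port 53 to port 40000": Packet("udp", sport=53, dport=40000),
        "ping request": Packet("icmp", icmp_type="echo-request"),
    }
    for label, pkt in samples.items():
        posted, stateful = compare(pkt)
        print(f"{label:46s} posted={posted:7s} stateful={stateful}")
```

Running it shows that the SYN to ssh, the established reply and the ping get the same verdict from both chains, while the two unsolicited samples are accepted by the posted chain (rules `tcp-ack` and `dns-reply`) and rejected by the chain that relies on connection state alone. Whether a log-everything rule at the top is wanted is a separate question; on a busy host it fires for every packet, accepted or not.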