I have updated my iptables scripts again.
This time fw_laptop got support for limiting logging in case of flooding, blocking of known-bad IP addresses (e.g. from DShield.org), optional blocking of certain outbound ports (e.g. X11 server, VNC, NFS etc.), and a few minor tweaks...
Thanks to Ryan Giobbi for several hints and comments. Further comments and suggestions are welcome!
I have updated my iptables scripts today, mostly minor improvements and documentation updates in fw_laptop. I also added a new script called fw_blockall, which literally blocks everything (incoming, outgoing, and forwarded packets, packet from/to localhost, pings). This might be useful sometimes.
Any comments and suggestions for improvements are highly welcome!