I’m always striving for improved security on the services I manage, therefore, I’m always thinking about firewalls. I’ve got a couple of scripts I like for simplicity, and others I like for their thoroughness.
Besides physical security, network security is the next best thing. That’s why I love iptables and fail2ban, you can’t get much more control than what they offer!
Beyond the basic port and ip rules, there are a lot more obscure issues, like bogon lists, syn attacks, and such.
Here’s a good basic AND thorough script (not much explanation though!)