Angel Ortega's firewall script
Latest version is 2.0.3.
This is the firewall script I use on all the servers I maintain. It's designed to be as simple as possible. In its default configuration, it drops all incoming connections except for SSH (with a maximum of 5 connections per minute), allows all outgoing connections, filters many kinds of malformed packets, rate-limits ICMP pings and logs everything it rejects (taking care not to flood the logfiles). It uses only Linux iptables.
This software is released under the GPL license.
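The default policy described above can be written as an iptables-restore ruleset. The following is an added example, not Angel Ortega's script: the LOGDROP chain name, the log prefix, the log and ICMP rate values, the specific malformed-packet checks and the per-source counting of SSH connections are all assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not the original script): prints an iptables-restore ruleset
# for the described policy. Chain name, log prefix and rate values are assumed.
SSH_PORT="${SSH_PORT:-22}"   # assumed default SSH port
SSH_RATE="${SSH_RATE:-5}"    # new SSH connections allowed per minute, per source

fw_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:LOGDROP - [0:0]
# Log at a bounded rate so rejected traffic cannot flood the logfiles, then drop.
-A LOGDROP -m limit --limit 10/min --limit-burst 5 -j LOG --log-prefix "fw-drop: "
-A LOGDROP -j DROP
# Loopback traffic and replies to connections this host opened.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Malformed packets: invalid state, NULL, XMAS, SYN+FIN, SYN+RST, new TCP without SYN.
-A INPUT -m conntrack --ctstate INVALID -j LOGDROP
-A INPUT -p tcp --tcp-flags ALL NONE -j LOGDROP
-A INPUT -p tcp --tcp-flags ALL ALL -j LOGDROP
-A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j LOGDROP
-A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j LOGDROP
-A INPUT -p tcp ! --syn -m conntrack --ctstate NEW -j LOGDROP
# ICMP echo requests are accepted up to a fixed rate; the excess falls through.
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/sec --limit-burst 5 -j ACCEPT
# SSH: record each new connection per source, drop once over SSH_RATE within 60 s.
-A INPUT -p tcp --dport ${SSH_PORT} -m conntrack --ctstate NEW -m recent --name ssh --set
-A INPUT -p tcp --dport ${SSH_PORT} -m conntrack --ctstate NEW -m recent --name ssh --update --seconds 60 --hitcount $((SSH_RATE + 1)) -j LOGDROP
-A INPUT -p tcp --dport ${SSH_PORT} -m conntrack --ctstate NEW -j ACCEPT
# Everything else is logged (rate limited) and dropped.
-A INPUT -j LOGDROP
COMMIT
EOF
}

# Print the ruleset; pipe it to "iptables-restore --test" as root to validate it.
fw_rules
```

Rule order matters here: the ESTABLISHED,RELATED accept comes first so that the SSH counter only sees new connections, and the final LOGDROP rule makes the logging explicit rather than relying on the silent DROP policy.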