/sbin/ipchains -P input DENY
/sbin/ipchains -P output DENY
/sbin/ipchains -P forward DENY
/sbin/ipchains -F input
/sbin/ipchains -F output
/sbin/ipchains -F forward
/sbin/ipchains -F wellk
/sbin/ipchains -F udpsocks
/sbin/ipchains -X wellk
/sbin/ipchains -X udpsocks
/sbin/ipchains -N wellk
/sbin/ipchains -A wellk -p tcp --dport www -j ACCEPT
/sbin/ipchains -A wellk -p tcp --dport smtp -j ACCEPT
/sbin/ipchains -A wellk -p tcp --dport domain -j ACCEPT
/sbin/ipchains -A wellk -p tcp --dport auth -j ACCEPT
/sbin/ipchains -A wellk -p tcp --dport nntp -j ACCEPT
/sbin/ipchains -A wellk -p tcp --dport ntp -j ACCEPT
/sbin/ipchains -A wellk -p tcp --dport https -j ACCEPT
/sbin/ipchains -N udpsocks
/sbin/ipchains -A udpsocks -p udp --dport ntp -j ACCEPT
/sbin/ipchains -A udpsocks -p udp --dport domain -j ACCEPT
/sbin/ipchains -A input -i lo -j ACCEPT
/sbin/ipchains -A output -i lo -j ACCEPT 
/sbin/ipchains -A input -i eth0 -j ACCEPT
/sbin/ipchains -A output -i eth0 -j ACCEPT
/sbin/ipchains -A input -i eth1 -p tcp --dport 1024:65535 -j ACCEPT
/sbin/ipchains -A input -i eth1 -p tcp -j wellk
/sbin/ipchains -A input -i eth1 -p udp --sport domain --dport 1024:65535 -j ACCEPT
/sbin/ipchains -A input -i eth1 -p udp -j udpsocks
/sbin/ipchains -A input -p icmp -j ACCEPT
/sbin/ipchains -A input -l -j DENY
/sbin/ipchains -A output -i eth1 -s {your_external_IP} -j ACCEPT
/sbin/ipchains -A output -l -j DENY
/sbin/ipchains -A forward -s 192.168.1.0/24 -d 0/0 -j MASQ