I have released LIFS, the Linux Iptables Firewall Script. This script allows you to setup a firewall within minutes. It is easy to use, yet very powerful. It uses Iptables and even improves upon some limitations of Iptables.
Every person who has to maintain some kind of Iptables-based firewall should really look into LIFS. It will make managing your firewall much more convenient.
For more advanced purposes. LFS allows you to create object groups. These are groups of individual hosts, networks or services (tcp/udp).
Look at this example of object groups in action. Read and understand.
HTTP_SERVICES=" 80/tcp 443/tcp " WEB_SERVER_1=192.168.0.10 WEB_SERVER_2=192.168.0.11 WEB_SERVERS=" $WEB_SERVER_1 $WEB_SERVER_2 " allow_in any "$WEB_SRVERS" any "$HTTP_SERVICES"
As you can see, a single firewall rule in fact creates 4 rules, one for each host and port. This functionality can be found in commercial based firewalls but it is not build-in into Iptables. LIFS fixes this.
LIFS is a continuation of LFS, which has been discontinued.