Configuring the firewall by hand using iptables is quite difficult. When we still used RedHat 8.1 we have been doing it but now not anymore. We have been using yast2 now for firewall configuration. An alternative to yast2 is fwbuilder. We tried it once and it seems to work although the code it produces is quite large compared to manual configuration. An obvious advantage is that fwbuilder can be used together with many different types of firewalls and operating systems (e.g. also Mac OS X). I still think Brickhouse (formerly Brickwall) is a very good - probably the best and easiest - configuration script for the inbuilt firewall/routing functions of Mac OS X. I think the Linux community needs such a project since Brickhouse is way easier to use than fwbuilder.