Hello everyone!
Can you guys give your opinion on my /usr/local/sbin/post-firewall ?
I based it on wirespot's post in here.
As you can see, I want to keep myself stealthed, but I also want to open ports 17300 to 17305 for Transmission. I don't want to ssh in from outside, just from the local network, and I don't want to open Samba to the outside either.
Also, I found somewhere the lines about the DNS (I use OpenDNS).
Here's the file:

Code:
$ cat /usr/local/sbin/post-firewall

#!/bin/sh                                               

# Default policies
iptables -P INPUT DROP                   
iptables -I INPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT
#iptables -I OUTPUT 1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

# Always allow SSH!
iptables -I INPUT 2 -s 192.168.1.0/24 -d 192.168.1.1 --dport 22 -j ACCEPT

# Accept all tcp SYN packets for protocols SMTP, HTTP, HTTPS, and SSH
iptables -A INPUT -p tcp -s "$4" -d 192.168.1.0/24 --dport 25 --syn -j ACCEPT

# Allow access from outside on this portrange: 17300:17305.
for P in 17300:17305; do                                  
  iptables -I INPUT 3 -p "$1" --syn --dport $P -j ACCEPT  
done                                                      

# DNS queries:
# Permit responses from OpenDNS: 
iptables -A INPUT -p udp -s 208.67.220.220 --sport 53 -d "$4" --dport 1024:65535 -j ACCEPT
iptables -A INPUT -p udp -s 208.67.222.222 --sport 53 -d "$4" --dport 1024:65535 -j ACCEPT

echo "$@" > /usr/local/root/param.log

Also, when I ran post-firewall from the console, I got the following output in the console:
Code:
iptables v1.2.7a: Unknown arg `--dport'
How can I correct this?
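
An added example, not part of the original post: iptables only accepts `--dport`/`--sport` after `-p tcp` or `-p udp` (and `--syn` only after `-p tcp`), so a rule that omits `-p` stops with "Unknown arg" and is never installed. The lint below flags such rules in a script; `lint_iptables`, `sample_rules` and the sample rules (modelled on the post's rules) are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint an iptables script for port/flag matches lacking -p.
# Function names and the sample input are hypothetical, built for this page.

lint_iptables() {
  # Reads a script on stdin; prints "LINE: reason: rule" per suspect rule.
  awk '
    /^[ \t]*#/ { next }                       # skip comment lines
    /(^|[ \t])iptables[ \t]/ {
      proto = ""
      n = split($0, w, /[ \t]+/)
      for (i = 1; i < n; i++)                 # last -p/--protocol wins
        if (w[i] == "-p" || w[i] == "--protocol") proto = w[i + 1]
      gsub(/"/, "", proto)                    # drop shell quoting
      needs_port = ($0 ~ /--[ds]port/)
      needs_tcp  = ($0 ~ /--syn/)
      if (!needs_port && !needs_tcp) next
      if (proto == "")
        printf "%d: no -p before port/flag match: %s\n", NR, $0
      else if (substr(proto, 1, 1) == "$")
        printf "%d: -p is a variable (%s), verify it is tcp/udp: %s\n", NR, proto, $0
      else if (needs_tcp && proto != "tcp")
        printf "%d: --syn requires -p tcp: %s\n", NR, $0
      else if (proto != "tcp" && proto != "udp")
        printf "%d: --dport/--sport require -p tcp or udp: %s\n", NR, $0
    }
  '
}

sample_rules() {
  # Constructed sample input; the quoted delimiter keeps $4, $1, $P literal.
  cat <<'EOF'
iptables -I INPUT 2 -s 192.168.1.0/24 -d 192.168.1.1 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -s "$4" -d 192.168.1.0/24 --dport 25 --syn -j ACCEPT
iptables -I INPUT 3 -p "$1" --syn --dport $P -j ACCEPT
iptables -A INPUT -p udp -s 208.67.220.220 --sport 53 -j ACCEPT
EOF
}

# Flags rule 1 (no -p) and rule 3 (-p taken from a script argument).
sample_rules | lint_iptables
```

To check a real script, feed it on stdin: `lint_iptables < /usr/local/sbin/post-firewall`.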