Some linux firewall tips

The overconnected world needs some extra knowledge about protecting yourself from anti-democracy financed cyber-bandits, so here some small but powerfull firewall setup tips:
Firewall setup:

iptables -F 
iptables -P INPUT DROP 
iptables -P OUTPUT DROP 
iptables -P FORWARD DROP 
# There is no return once you know these logging lines: 
iptables -A INPUT -p icmp -m limit -j LOG --log-prefix "ICMP/IN: " 
iptables -A OUTPUT -p icmp -m limit -j LOG --log-prefix "ICMP/OUT: " 
iptables -A INPUT -p tcp -m limit -j LOG --log-prefix "TCP/IN: " 
iptables -A OUTPUT -p tcp -m limit -j LOG --log-prefix "TCP/OUT: " 
iptables -A INPUT -p udp -m limit -j LOG --log-prefix "UDP/OUT: " 
iptables -A OUTPUT -p udp -m limit -j LOG --log-prefix "UDP/OUT: "

Syslog setup, typically /etc/rsyslog.d/iptables.conf

:msg,contains,"ICMP/IN:" /var/log/iptables.log
:msg,contains,"ICMP/OUT:" /var/log/iptables.log
:msg,contains,"TCP/IN:" /var/log/iptables.log
:msg,contains,"TCP/OUT:" /var/log/iptables.log
:msg,contains,"UDP/IN:" /var/log/iptables.log
:msg,contains,"UDP/OUT:" /var/log/iptables.log

Restarting service
/etc/init.d/rsyslog restart