Re: Is this firewall good enough?

> 4. DNS server
> 2. /sbin/iptables -A INPUT -p tcp -m state --state
> ESTABLISHED,RELATED -j ACCEPT



Forget about this. It makes things easier, yes, but it is too slow if you come under attack... but then you put everything on one box seemingly, so I guess you don't get much traffic.


> 7. /sbin/iptables -A INPUT -p tcp --dport 53 --syn -j ACCEPT #DNS

Where's the udp rule?


> 1. Does this effectively offer connections ONLY to the
> services I offer and nothing more than that?

It does not open dns udp. Why do you have ssh open to the world?


> 2. Does the rule 2 create any security loophole?

Performance issues are probable.


> 4. Is this firewall good enough to protect the server?
> If no, could you kindly comment how could I improve
> further?

Why do you have ssh open to the world?


The second thing is, make sure you run secure software like djb's publicfile for your ftp service (example only), for the firewall ain't gonna protect you if you have exploitable software on the service ports.
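As an added illustration of the two points raised in this reply (no UDP rule for DNS, and SSH accepted from anywhere), here is a small audit script that is not part of the thread. It checks a constructed iptables-save style ruleset modelled on the poster's rules; the admin network 192.0.2.0/24 in the corrected ruleset is an assumed placeholder.

```shell
#!/bin/sh
# Constructed ruleset mirroring the poster's INPUT chain: tcp/53 is
# accepted but udp/53 is not, and tcp/22 is accepted from any source.
SAMPLE_RULES='*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 --syn -j ACCEPT
-A INPUT -p tcp --dport 53 --syn -j ACCEPT
-A INPUT -p tcp --dport 80 --syn -j ACCEPT
COMMIT'

# Same chain with the two findings fixed: udp/53 opened, ssh limited to
# an assumed admin network (192.0.2.0/24 is a placeholder, not a real net).
FIXED_RULES='*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -s 192.0.2.0/24 --dport 22 --syn -j ACCEPT
-A INPUT -p tcp --dport 53 --syn -j ACCEPT
-A INPUT -p udp --dport 53 -j ACCEPT
-A INPUT -p tcp --dport 80 --syn -j ACCEPT
COMMIT'

# accepts RULES PROTO PORT: true if INPUT accepts PROTO to PORT.
accepts() {
  printf '%s\n' "$1" | grep -q -- "-A INPUT -p $2 .*--dport $3 .*-j ACCEPT"
}

# ssh_open_to_world RULES: true if some tcp/22 ACCEPT has no -s restriction.
ssh_open_to_world() {
  printf '%s\n' "$1" | grep -- '-A INPUT .*--dport 22 .*-j ACCEPT' | grep -qv -- ' -s '
}

# audit_rules RULES: prints one finding per line; no output means clean.
audit_rules() {
  if accepts "$1" tcp 53 && ! accepts "$1" udp 53; then
    echo "dns: tcp/53 accepted but udp/53 is not; most queries arrive over UDP"
  fi
  if ssh_open_to_world "$1"; then
    echo "ssh: tcp/22 accepted from any source; restrict it with -s <admin-net>"
  fi
}

audit_rules "$SAMPLE_RULES"
```

The state rule is left untouched in both rulesets; the script only reports on the DNS and SSH points.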

