Kubuntu Router: IPTables, IPSec

[Iko Chang]

Hello all,
     I know that this question isn't directly Kubuntu
related, but I've read many smart people in this
mailing list and figure y'all may be able to help me
and a friend out.
     The situation is this:  I am running Kubuntu
5.10, I want my machine to be the router in my
girlfriend's and my appartment.  So my setup looks
like this:

1.  cable modem
2.  my machine, 2 nics, eth0=external link and        
     eth1=internal link
3.  eth1 goes to linksys router used as a switch
4.  gf's machine (windows) wireless connected to      
     linksys

     My friends setup is pretty much identical, with
his fc5 machine as the router.  We are also wanting to
setup an IPSec tunnel between our machines/routers
using Openswan.  He and I currently use Firestarter as
our firewall and we also have our machines setup as
DHCP servers for our respective lans.  Previous to
Firestarter, I used Guarddog.  Looking at the output
of iptables --list, I've got tons of rules, most of
them I don't see the point of.  After reading up on
IPSec tunneling, it seems that as far as it's
concerned, I can't have Masquerading on.
     So, what I am looking for is this:  I want to
redo my IPTables, with my machine being a gateway for
my gf's pc to the interweb, blocking unwanted traffic
from the interweb, and allowing free access for the
IPSec tunnel between my friend's and my lans.
     I've found some info on parts of this on the web
and I found what seems to be THE IPTables manual (it's
a brain hemorrhage for a newbie like me), but I
haven't come across anything that fits my desired
setup.
     Any and all help would be greatly appreciated.

Iko

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com