Provided this is your internet.in, this will allow:
. 1-2: incoming SMTP (mail) (why udp ?)
. 3-4: incoming pop3 (why did you put udp ?)
. 5-8: ident/authd/tap (why did you put udp ?) in and out
. 9-10: DNS queries to your NS, and zones taken from your NS.
The default is to deny if it doesn't match any rule ... so 11-13 are useless.
But you might also want to add
permit 0.0.0.0/0 207.102.61.0/24 estab
which will allow incoming tcp traffic with a connection already established.
If you don't have that, your email won't go out for example (as you will be
able to connect outside, but will block the answer)
You might also want to add
permit 0.0.0.0/0 207.102.61.0/24 udp src eq 53
otherwise you won't have the ability to query outside NS.
I think you might need to sit down a little bit more, and think about the
traffic you need to filter, and let go thru.
Arnaud.
-- Arnaud Girsch -+- agirsch@marben.com -+- Marben Products, Inc. - San Jose, CA
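
The effect of the two suggested rules can be checked with a small model of a stateless, default-deny filter. This is an added example, not part of the original message or the router's own software. The rule representation, the reading of "estab" as "ACK or RST set", the two base permits and the sample packets are all assumptions constructed for illustration.

```python
from ipaddress import ip_address, ip_network

INSIDE, ANY = "207.102.61.0/24", "0.0.0.0/0"  # networks used in the message

def rule(src, dst, proto=None, sport=None, dport=None, estab=False):
    return dict(src=ip_network(src), dst=ip_network(dst), proto=proto,
                sport=sport, dport=dport, estab=estab)

def matches(r, p):
    if ip_address(p["src"]) not in r["src"] or ip_address(p["dst"]) not in r["dst"]:
        return False
    if r["estab"]:
        # Assumption: "estab" means a TCP segment with ACK or RST set,
        # i.e. anything except the opening SYN of a new connection.
        return p["proto"] == "tcp" and bool(p["flags"] & {"ACK", "RST"})
    if r["proto"] is not None and r["proto"] != p["proto"]:
        return False
    return all(r[k] is None or r[k] == p[k] for k in ("sport", "dport"))

def permitted(rules, p):
    # Every rule here is a permit, so first match == any match; no match = deny.
    return any(matches(r, p) for r in rules)

# Constructed stand-ins for the inbound SMTP and POP3 permits the message describes.
BASE = [rule(ANY, INSIDE, "tcp", dport=25), rule(ANY, INSIDE, "tcp", dport=110)]
ESTAB = rule(ANY, INSIDE, estab=True)               # permit ... estab
DNS_REPLY = rule(ANY, INSIDE, "udp", sport=53)      # permit ... udp src eq 53

def pkt(proto, sport, dport, flags=()):
    # Constructed inbound packet from a documentation address to an inside host.
    return dict(src="192.0.2.25", dst="207.102.61.10", proto=proto,
                sport=sport, dport=dport, flags=set(flags))

SAMPLES = {
    "smtp_reply": pkt("tcp", 25, 40000, {"SYN", "ACK"}),  # answer to outbound mail
    "new_syn": pkt("tcp", 40001, 23, {"SYN"}),            # unsolicited new connection
    "dns_reply": pkt("udp", 53, 40002),                   # answer from an outside NS
    "udp_src53_other": pkt("udp", 53, 9999),              # src port 53, not a reply
}

def audit(rules):
    return {name: permitted(rules, p) for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for label, rules in (("base", BASE), ("base+added", BASE + [ESTAB, DNS_REPLY])):
        print(label, audit(rules))
```

The last sample passes with the added rules because a stateless rule matches on source port alone, not on whether an inside host sent a query first.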