I've recently updated my examples for firewall building on ftp.cisco.com.
I would suggest to anyone who is interested in implementing general
purpose IP firewalls using packet filtering on a cisco router (or on any
packet filtering device) take a peek at this stuff.
Also of interest is
which is a FTP client modifed to not require inbound TCP connections on
random ports greater than 1023.
Neither of these applications is supported by cisco Systems or myself.
There are no guarantees that building a firewall system using these tools
will protect you from anything. This information is provided for educational
purposes only. Your milage may vary... (read: if you get hit anyway, don't