Most workstations are well-served with firewall rules like this:

*filter
:INPUT DROP
:FORWARD DROP
:OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT

Yes, this is just two rules. Use iptables-restore to load.

No need to fire up a complex firewall builder tool for that. ;-)

The first input rule enabled loopback traffic, the second allows data traffic for established and related connections (ftp data channels for example).

If you want to allow incoming SSH, add

-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT

Oh, unless of course you want to run filesharing and such. You might want to allow incoming connections on other ports as well.