Now to follow up with my promise... About iptables.
iptables, like the name says, consists of a set of tables that have to do with the IP protocol. That's about as exact as the definition is going to get. You can do virtually any packet filtering with it, and execute a large array of actions on these packets. I'll gloss over the details quickly, because, honestly, the HOWTOs are much clearer on this that I could ever be.
For example, you could make a rule that REJECTs everything on port 139. There, it'll refuse NetBIOS connections. If you prefer, you can have it DROP... It won't even answer requests, effectively hiding the computer. You could also have it DROP pings, fingers, whatever you want. This is how a basic firewall works.
Another thing you can have it do is take all the packets on an internal network interface, and forward them to an external interface. Yep, that's what we call
routing. (One form of it, at least.) And in the other direction, you can tell it to automatically forward all requests to a given port on your external interface to a private IP, through the internal interface.
And that's just the basics. If
TDLP isn't clear, try this
Gentoo targeted routing guide. The
LARTC, which klingens mentoined, uses much more advanced tools to actually control the amount of bandwidth allocated to each computer, port, etc... It's very useful, really, but you'll want to get a basic router working first.