After many requests from my students, here is a very basic configuration:
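# Basic IPv4 host firewall: drop unsolicited inbound and forwarded traffic,
# allow all outbound traffic, and expose only SSH and web ports on eth0.
#
# Run as root. Rules are appended (-A), so this assumes the INPUT chain is
# empty; re-running it without clearing the chain leaves duplicate entries.
# These commands cover IPv4 only: IPv6 traffic is filtered separately by
# ip6tables and needs its own equivalent ruleset.
# The rules are not persistent; save them with your distribution's mechanism
# (for example iptables-save) if they must survive a reboot.

# Allow local loopback services
iptables -A INPUT -i lo -j ACCEPT

# Allow traffic already established to continue.
# "-m conntrack --ctstate" is the current form of the obsolete "-m state --state".
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Allow ssh, and web.
# SSH (22) and HTTP (80) run over TCP only, so no UDP rule is opened for them.
# To narrow SSH exposure, add a source match: -s <admin-network-cidr>
iptables -A INPUT -p tcp --dport 22 -i eth0 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -i eth0 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -i eth0 -j ACCEPT
# UDP 443 is only needed when the web server speaks HTTP/3 (QUIC); drop this
# rule otherwise.
iptables -A INPUT -p udp --dport 443 -i eth0 -j ACCEPT

# Allow outgoing traffic and disallow any passthroughs.
# Policies are set last: switching INPUT to DROP before the ACCEPT rules exist
# can cut off the SSH session used to apply this configuration.
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP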