#!/bin/bash -e -u# Clear existing rules.iptables -Fiptables -t nat -Fi

1. #!/bin/bash -e -u
2.  
3. # Clear existing rules.
4. iptables -F
5. iptables -t nat -F
6. iptables -t mangle -F
7.  
8. # Set defaults.
9. iptables -P OUTPUT ACCEPT
10. iptables -P INPUT DROP
11. iptables -P FORWARD DROP
12.  
13. # Allow loopback.
14. iptables -A INPUT -i lo -j ACCEPT
15. iptables -A OUTPUT -o lo -j ACCEPT
16.  
17. # Allow responses to outbound traffic.
18. iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
19.  
20. # Log inbound TCP connections.
21. iptables -A INPUT -p tcp --tcp-flags SYN SYN -j LOG