ryuone/gist:4570750

## gistfile1.txt
iptables -F
iptables -X
iptables -Z

iptables -P INPUT   DROP   # 受信はすべて破棄
iptables -P OUTPUT  ACCEPT # 送信はすべて許可
iptables -P FORWARD DROP   # 通過はすべて破棄

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

iptables -A INPUT -p tcp -m conntrack --ctstate NEW --dport 80 -j ACCEPT  # http
iptables -A INPUT -p tcp -m conntrack --ctstate NEW --dport 22 -j ACCEPT  # ssh
	iptables -F
	iptables -X
	iptables -Z

	iptables -P INPUT DROP # 受信はすべて破棄
	iptables -P OUTPUT ACCEPT # 送信はすべて許可
	iptables -P FORWARD DROP # 通過はすべて破棄

	iptables -A INPUT -i lo -j ACCEPT
	iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

	iptables -A INPUT -p tcp -m conntrack --ctstate NEW --dport 80 -j ACCEPT # http
	iptables -A INPUT -p tcp -m conntrack --ctstate NEW --dport 22 -j ACCEPT # ssh