Default iptables configuration.

iptables.conf

#!/bin/bash

iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i lo -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

Apply configuration

$ sudo source iptables.conf

Persistent

Install iptables-persistent:

$ sudo apt install iptables-persistent

Save rules:

$ sudo iptables-save > /etc/iptables/rules.v4

Show log real-time

tail -f /var/log/messages | grep -F "FW:"