#Minimal Iptables Rules

## Allow
###Allow Loopback
# Inserted at position 1 so loopback traffic is accepted before any other
# INPUT rule is evaluated.
sudo iptables --insert INPUT 1 --in-interface lo --jump ACCEPT

###Allow traffic for established and related connections
# Accept packets that conntrack classifies as ESTABLISHED or RELATED, i.e.
# belonging to (or related to) a connection it already tracks. Packets
# opening a new connection do not match and fall through to the rules below.
sudo iptables --append INPUT --match conntrack --ctstate ESTABLISHED,RELATED --jump ACCEPT

###Allow ssh
# "ssh" is a service name that iptables resolves to a port number (normally
# 22/tcp); if sshd listens elsewhere, put that port number here instead.
# NOTE(review): there is no source match, so SSH is reachable from any
# address. Where a management range exists, add --source <management CIDR>.
sudo iptables --append INPUT --protocol tcp --destination-port ssh --jump ACCEPT

###Allow Web
# HTTP (80) and HTTPS (443), accepted from any source address. Kept as two
# separate rules, so each occupies its own position in the chain.
sudo iptables --append INPUT --protocol tcp --destination-port 80 --jump ACCEPT
sudo iptables --append INPUT --protocol tcp --destination-port 443 --jump ACCEPT

##Block
###Drop everything not allowed
# Catch-all: any packet not accepted by an earlier INPUT rule is dropped with
# no reply. This is a rule, not the chain policy (-P), so anything appended
# after it is never reached; later additions must be inserted above it.
# iptables filters IPv4 only; IPv6 traffic needs equivalent ip6tables rules.
# Rules added this way live in kernel memory and are gone after a reboot
# unless they are saved and restored (e.g. iptables-save / iptables-restore).
sudo iptables --append INPUT --jump DROP

##Logging Denied packets
### log blocked tcp packets
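# The commands above leave six rules in INPUT (lo, conntrack, ssh, 80, 443,
# DROP), so position 6 puts LOG directly in front of the DROP. One position
# earlier would sit ahead of the port-443 ACCEPT and record permitted HTTPS
# connections as "denied", using up the 5/min logging budget on them.
# Assumes INPUT was empty before these commands ran; confirm the numbering
# with:  sudo iptables -L INPUT --line-numbers
# LOG does not end rule traversal: after logging, the packet goes on to DROP.
# Only TCP is logged; other dropped protocols leave no log entry.
# NOTE(review): level 7 is "debug"; check that the system logger keeps kernel
# messages at that level, otherwise these entries may not be stored.
sudo iptables -I INPUT 6 -p tcp -m limit --limit 5/min -j LOG --log-prefix "iptables tcp denied: " --log-level 7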