Basic set of IP Table rules for Basic Functionality

basic_iptables.sh

# Remove previous rules
iptables -F
iptables -X
iptables -Z
# Set default policies
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -p tcp --dport 22 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# iptables -A INPUT -p tcp --dport 1194 -j ACCEPT #OpenVPN Server
# iptables -A INPUT -p udp --dport 1194 -j ACCEPT #OpenVPN Server
# iptables -A INPUT -p tcp --dport 53 -j ACCEPT #DNS Server
# iptables -A INPUT -p udp --dport 53 -j ACCEPT #DNS Server
# iptables -A INPUT -p tcp --dport 80 -j ACCEPT #http
# iptables -A INPUT -p tcp --dport 443 -j ACCEPT #http(s)
iptables -A INPUT -p tcp --dport 19999 -j ACCEPT #netdata
iptables -A INPUT -p tcp --dport 5201 -j ACCEPT #iperf3
iptables -A INPUT -p udp --dport 5201 -j ACCEPT #iperf3
iptables -A INPUT -m state --state INVALID -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ACK,RST,SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p icmp --icmp-type echo-request -j DROP #ICMP
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -P INPUT DROP
iptables -N LOGGING
iptables -A INPUT -j LOGGING
iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables Packet Dropped: " --log-level 7
iptables -A LOGGING -j DROP
iptables -A FORWARD -j LOG