ydf · January 11, 2018 10:32
diff --git a/iptables-rule b/iptables-rule
 # Generated by iptables-save v1.4.21 on Thu Jan 11 10:10:03 2018
 *filter
 :INPUT DROP [8:834]
 :FORWARD ACCEPT [0:0]
 :OUTPUT DROP [0:0]
 -A INPUT -i lo -j ACCEPT
 -A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
 -A INPUT -m conntrack --ctstate INVALID -j DROP
 -A INPUT -p tcp -m multiport --dports 80,443,22 -j ACCEPT
 -A INPUT -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
 -A OUTPUT -o lo -j ACCEPT
 -A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
 -A OUTPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
 -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
 COMMIT
 # Completed on Thu Jan 11 10:10:03 2018
	# Generated by iptables-save v1.4.21 on Thu Jan 11 10:10:03 2018
	*filter
	:INPUT DROP [8:834]
	:FORWARD ACCEPT [0:0]
	:OUTPUT DROP [0:0]
	-A INPUT -i lo -j ACCEPT
	-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
	-A INPUT -m conntrack --ctstate INVALID -j DROP
	-A INPUT -p tcp -m multiport --dports 80,443,22 -j ACCEPT
	-A INPUT -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
	-A OUTPUT -o lo -j ACCEPT
	-A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
	-A OUTPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
	-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
	COMMIT
	# Completed on Thu Jan 11 10:10:03 2018