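# Host firewall for the IPv4 filter table: default-deny inbound, allow SSH,
# loopback, replies to existing connections, and a few service ports.
# Must run as root. Rules apply live, in the order given below.
#
# NOTE(review): only IPv4 is configured here. If the host has IPv6 enabled,
# an equivalent ip6tables ruleset is needed or those ports stay reachable.
# NOTE(review): the FORWARD chain policy is not touched by this script.

# Flush every chain in the filter table. Chain policies are NOT reset by -F:
# if INPUT is already DROP (e.g. on a re-run), inbound traffic is blocked
# until the ACCEPT rules below are re-added, so a failure part-way through
# can cut off a remote session. Run from a console, or schedule a rollback.
iptables -F

# Drop malformed / scan-style TCP packets. These go FIRST: iptables stops at
# the first matching rule, so placing them after the per-port ACCEPT rules
# would let such packets through to every opened port.
# No flags set at all (NULL packet)
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
# A new connection that does not start with SYN
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
# Every flag set (Xmas packet)
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP

# Accept return traffic for connections that are already established
# (this is what lets replies to outgoing connections back in)
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Accept lo interface
iptables -A INPUT -i lo -j ACCEPT

# Accept ssh
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT

# Open the service ports. These are reachable from ANY source address;
# add a source match (-s) per rule if only known hosts need them.
iptables -A INPUT -p tcp -m tcp --dport 5000 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 8000 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 8888 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 9066 -j ACCEPT

# Finishing: set policies last, so default-deny only takes effect once the
# ACCEPT rules above are in place
iptables -P OUTPUT ACCEPT
iptables -P INPUT DROP

# See the rules
iptables -L -n

# Save so the ruleset survives a reboot (no service restart is performed
# here; the rules above are already active)
iptables-save | sudo tee /etc/sysconfig/iptables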