$IPT -t filter -P INPUT DROP
$IPT -t filter -P OUTPUT DROP
$IPT -t filter -P FORWARD DROP
.
.
.
$IPT -t filter -I INPUT -i lo -j ACCEPT
$IPT -t filter -I OUTPUT -o lo -j ACCEPT
.
.
.
$TFA INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
.
.
.
$TFA OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
$TFA OUTPUT -p UDP -d 8.8.8.8 --dport 53 -j ACCEPT
$TFA OUTPUT -p UDP -d 8.8.4.4 --dport 53 -j ACCEPT
$TFA OUTPUT -p TCP -m multiport --dports 80,443 -m state --state NEW -j ACCEPT
--------------------------------------------------------------------------
színes