#!/bin/sh

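# Minimal IPv4 host firewall for eth0.
#
# Resulting filter-table behaviour:
#   - new TCP connections to $localip on the ports in $public are accepted
#   - new TCP connections with source 127.0.0.1 are accepted
#   - every other new inbound TCP connection is dropped
#   - FORWARD is dropped by policy; OUTPUT is accepted by policy
#
# NOTE(review): the INPUT policy stays ACCEPT and only TCP packets matching
# --syn (SYN set; ACK, RST and FIN clear) are filtered. UDP, ICMP and any
# other protocol therefore reach the host unfiltered, as do TCP segments that
# do not match --syn. If the intent is default-deny, that needs an INPUT DROP
# policy plus an explicit rule for established traffic -- confirm the intent
# before changing it.
# NOTE(review): iptables covers IPv4 only; IPv6 traffic is governed by
# ip6tables and is not touched by this script.

# Run iptables and abort on the first failure, so that the final DROP rule is
# never appended after an ACCEPT rule failed to load.
ipt() {
  /sbin/iptables "$@" || {
    echo "firewall: iptables $* failed; ruleset is incomplete" >&2
    exit 1
  }
}

# Address of eth0, used as the destination match for the public ports.
# LC_ALL=C keeps ifconfig's labels untranslated. The awk program accepts both
# the older "inet addr:A.B.C.D" layout and the newer "inet A.B.C.D" one.
# Assignment and export are separate so the substitution is not hidden
# behind export's own exit status.
localip=$(LC_ALL=C /sbin/ifconfig eth0 \
  | awk '/inet / { sub(/^addr:/, "", $2); print $2; exit }')
export localip
export public=22,25,80,443

# Validate before touching the ruleset: an empty or malformed address would
# make the ACCEPT rule below fail, while the DROP rule would still load and
# block new connections to every port, including SSH.
case "$localip" in
  '' | *[!0-9.]*)
    echo "firewall: could not determine the IPv4 address of eth0" \
      "(got '$localip'); ruleset left unchanged" >&2
    exit 1
    ;;
esac

# Flush iptables
# Without -t this clears the filter table only; nat/mangle rules and
# user-defined chains are left in place.
ipt --flush

# Set policies
ipt -P INPUT ACCEPT
ipt -P FORWARD DROP
ipt -P OUTPUT ACCEPT

# Allow some incoming tcp
ipt -A INPUT -p tcp --syn -d "$localip" -m multiport --dports "$public" -j ACCEPT

# Allow local tcp
# NOTE(review): this matches on source address rather than on the loopback
# interface; "-i lo" is the more common way to express "local traffic" --
# confirm which is intended.
ipt -A INPUT -p tcp --syn -s 127.0.0.1 -j ACCEPT

# Drop all other incoming tcp
ipt -A INPUT -p tcp --syn -j DROP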
