# reset defaults
iptables -F;
iptables -P OUTPUT DROP;
iptables -P FORWARD DROP;
iptables -P INPUT DROP;

# maintenance
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT;
iptables -A OUTPUT -p tcp -m tcp --sport 22 -j ACCEPT;

# SMMP-server
iptables -A INPUT -p tcp -m tcp --sport 22 -j ACCEPT;
iptables -A OUTPUT -p tcp -m tcp --dport 22 -j ACCEPT;

# SMMP
iptables -A INPUT -p tcp -m tcp --sport 443 -j ACCEPT;
iptables -A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT;

# dns
iptables -A OUTPUT -p udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT;
iptables -A INPUT  -p udp --sport 53 -m state --state ESTABLISHED     -j ACCEPT;
iptables -A OUTPUT -p tcp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT;
iptables -A INPUT  -p tcp --sport 53 -m state --state ESTABLISHED     -j ACCEPT;