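# IPv4 host firewall: default-deny on the three built-in filter chains, then a
# short allow-list. Must be run as root.
#
# Scope: only `iptables` is invoked, so IPv6 traffic is not filtered here.
#
# NOTE(review): no rule accepts loopback traffic (-i lo / -o lo). With the
# INPUT policy at DROP, new local connections over 127.0.0.1 are dropped.
# Confirm that is intended, or add explicit loopback rules.

# reset defaults
# -F without -t flushes only the filter table; rules in nat/mangle and any
# user-defined chains are left untouched.
iptables -F
# Policies are set before the allow rules, so the host fails closed while the
# rules below are being loaded.
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -P INPUT DROP

# accept as INPUT all already ESTABLISHED connections
# Loaded first so a session already in progress is re-admitted as early as
# possible after the policy change. All rules in a chain are ACCEPT, so their
# relative order does not change any verdict.
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# maintenance
# NOTE(review): inbound SSH is accepted from any source address; narrow it
# with -s <management network> if one exists.
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT

# accept to OUTPUT all already ESTABLISHED connections
# The original listed this rule twice; the second copy could never match
# because the first already accepts the same packets, so one copy is kept.
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# SMMP-server
iptables -A OUTPUT -p tcp -m tcp --dport 22 -j ACCEPT

# SMMP
iptables -A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT

# apt-get
# Only the first packet (state NEW) needs this rule; the rest of the
# connection is covered by the RELATED,ESTABLISHED rule above.
iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT

# dns
iptables -A OUTPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPT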