#!/bin/bash
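# Host firewall for a single, non-routing server: inbound traffic is dropped
# by default, with allow rules for loopback, replies to existing connections,
# HTTP on TCP/80 and one trusted source address.
#
# NOTE(review): only the IPv4 tables are configured here. Nothing in this
# script filters IPv6; if the host has IPv6 connectivity, ip6tables needs an
# equivalent policy.
set -u

# Absolute path, so a modified PATH cannot substitute another binary when
# this runs as root.
T=/usr/sbin/iptables
failed=0

# Run one iptables command.
# Arguments: the iptables arguments, passed through unchanged.
# A failure is reported on stderr and remembered in $failed, but the
# remaining commands still run: once INPUT is at DROP, stopping half-way
# would leave the host without its allow rules.
ipt() {
  if ! "$T" "$@"; then
    printf 'firewall: command failed: %s %s\n' "$T" "$*" >&2
    failed=1
  fi
}

# Set default policies before flushing. -F removes rules but keeps the chain
# policy, so doing this first means there is no moment where the chains are
# empty while a previous ACCEPT policy is still in force.
ipt -P INPUT   DROP   # All incoming traffic is dropped by default
ipt -P FORWARD DROP   # Routed traffic; this host is not a router, so drop it
ipt -P OUTPUT  ACCEPT # The local server may send any traffic it wants

# Reset firewall: flush all rules and delete user-defined chains in the
# filter, nat and mangle tables.
ipt -F
ipt -X

ipt -t nat -F
ipt -t nat -X

ipt -t mangle -F
ipt -t mangle -X

# Allow rules. Every rule below is an ACCEPT, so their relative order does
# not change the verdict; the connection-tracking rule sits near the top
# because most packets of a busy server match it.
ipt -A INPUT -i lo -j ACCEPT                                # Traffic on the loopback interface
ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Packets of connections already accepted, or related to them
# ipt -A INPUT -i eth1 -j ACCEPT                            # Accept all traffic from internal LAN interface
ipt -A INPUT -p tcp  --dport 80 -j ACCEPT                   # New connections to TCP port 80 from any source

# All protocols and ports from Magnus' IP. A source address is not an
# authenticated identity, so services reachable only through this rule still
# need their own authentication.
ipt -A INPUT -s 195.67.27.100   -j ACCEPT

# Non-zero exit status if any iptables command failed, so the caller (init
# script, cron, configuration management) can notice a partial rule set.
exit "$failed"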

