This policy sets up a simple exclusionary firewall on targeted machines using iptables. When enabled, the firewall will by default allow all outgoing traffic but block any inbound traffic with the exception of ssh and ping.
The format is:
Name is just an identifying string.
Type is either INPUT or OUTPUT (caps are mandatory).
Use INPUT to block incoming traffic on a port and OUTPUT to block the computer from sending on that port.
Protocol should be one of tcp, udp, icmp, or all.
Port is the port number.
Action is either ACCEPT or DROP.
This example would allow connections to the machine as a web server.
This example will prevent the machine from sending mail.
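
The field rules above, as an added example that is not part of the original policy documentation: a shell function that validates one rule's five fields and prints the iptables command the rule would correspond to. The function name, the argument order, the mapping to -A and --dport, and the sample rules are assumptions; the policy's own rule syntax is not reproduced here.

```shell
#!/bin/sh
# Added example: check one rule's fields and print the iptables command it
# would map to. The mapping is an assumption, not the policy's own code.
# Nothing here calls iptables; commands are only printed.

rule_to_iptables() {
    r_name=$1 r_type=$2 r_proto=$3 r_port=$4 r_action=$5

    case $r_type in
        INPUT|OUTPUT) ;;   # caps are mandatory, so "input" is rejected
        *) echo "$r_name: Type must be INPUT or OUTPUT" >&2; return 1 ;;
    esac
    case $r_proto in
        tcp|udp|icmp|all) ;;
        *) echo "$r_name: Protocol must be tcp, udp, icmp or all" >&2; return 1 ;;
    esac
    case $r_action in
        ACCEPT|DROP) ;;
        *) echo "$r_name: Action must be ACCEPT or DROP" >&2; return 1 ;;
    esac

    case $r_proto in
        tcp|udp)
            # Digits only, at most 5 of them, then a range check.
            case $r_port in
                ''|*[!0-9]*|??????*) echo "$r_name: bad port '$r_port'" >&2; return 1 ;;
            esac
            if [ "$r_port" -lt 1 ] || [ "$r_port" -gt 65535 ]; then
                echo "$r_name: port out of range" >&2; return 1
            fi
            # --dport is the local port on INPUT and the remote port on OUTPUT.
            printf 'iptables -A %s -p %s --dport %s -j %s\n' \
                "$r_type" "$r_proto" "$r_port" "$r_action"
            ;;
        *)
            # iptables has no --dport match for icmp or all, so the Port
            # field is ignored for those protocols (an assumption).
            printf 'iptables -A %s -p %s -j %s\n' "$r_type" "$r_proto" "$r_action"
            ;;
    esac
}

# Constructed sample rules (not the page's own examples).
rule_to_iptables web     INPUT  tcp  80 ACCEPT
rule_to_iptables no-smtp OUTPUT tcp  25 DROP
rule_to_iptables ping    INPUT  icmp 0  ACCEPT
rule_to_iptables typo    input  tcp  80 ACCEPT || echo "rejected: lowercase Type"
```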