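# Host firewall for IPv4: default-deny on INPUT and FORWARD, OUTPUT left open.
#
# Scope, as far as this script goes:
#   - Only the IPv4 "filter" table is loaded. The nat/mangle/raw tables are not
#     touched, and ip6tables is never called, so IPv6 traffic is governed by
#     whatever ruleset is already in place.
#   - Must run as root.

# Resolve the iptables binaries from /sbin only, not from the caller's PATH.
PATH="/sbin/"

##############################################
### reset everything and load the new ruleset
##############################################
# The ruleset is loaded with iptables-restore rather than a sequence of
# "iptables -P ... ACCEPT / --flush / -A ... / -P ... DROP" calls. The
# step-by-step form leaves the host with an empty ruleset and ACCEPT policies
# between the flush and the final policy change, and a rule that fails to load
# is skipped silently while the rest still applies. iptables-restore flushes
# the filter table, removes its user-defined chains, resets the counters
# ([0:0]) and installs policies and rules together at COMMIT.
#
# Just INPUT rules are specified because policy for OUTPUT is ACCEPT.
if ! iptables-restore <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Accept loopback interface connections
-A INPUT -i lo -j ACCEPT
# Accept IP GRE (PPTP). NOTE(review): this accepts protocol 47 from any source
# on every eth* interface; add a -s match if the PPTP peer address is known.
-A INPUT -i eth+ -p 47 -j ACCEPT
# DHCP. NOTE(review): 67 is the server port and 68 the client port; a host that
# is only a DHCP client needs just --dport 68.
-A INPUT -i eth+ -p udp --dport 67:68 -j ACCEPT
# microdc (the only TCP service reachable from outside)
-A INPUT -i eth+ -p tcp -m state --state NEW --dport 20000 -j ACCEPT
# We allow all incoming data that is part of existing connections. Which
# connections are allowed to come to existence is specified above.
# ("-m state" is kept as written; "-m conntrack --ctstate" is the current
# spelling of the same match.)
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
then
  # Nothing is committed unless the whole table parsed, so report and stop
  # instead of carrying on with a partial firewall.
  echo "iptables-restore failed; ruleset not applied" >&2
  exit 1
fi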