# Generated by iptables-save v1.4.16.3 on Wed Jan 16 16:22:34 2013
*filter
:INPUT DROP [25:5586]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [62:7702]
#very important: Allow all traffic initiated from the router to return from Internet. There is no connectivity without this
-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
#drop everything else from Internet
-A INPUT -i eth1 -j DROP
COMMIT
# Completed on Wed Jan 16 16:22:34 2013