Linux: an example of iptables firewall rules

  • 2020-05-07 20:48:55
  • OfStack

Here are my iptables settings:


*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [49061:9992130]
# Open the loopback interface; many services will not be available if it is not opened
-A INPUT -i lo -j ACCEPT
# Allow ICMP packets through, that is, allow others to ping this host
-A INPUT -p icmp -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
# This is my own SSH connection port
-A INPUT -p tcp -m tcp --dport 10337 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

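Note: explanatory text written after a rule on the same line must be removed before the rules are used, because iptables-restore does not accept it. The port rules above can also be written in multiport form as a single rule. Note that the line below also lists port 3306, which the individual rules above do not open: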


-A INPUT -p tcp -m multiport --dports 21,25,80,110,3306,8080,10337 -j ACCEPT
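
An added example, not from the original article: this Python script parses both forms as iptables-save text and reports which accepted TCP ports differ between them. The function names are hypothetical, and the rule text is copied from above with the explanatory text removed.

```python
import shlex

# Constructed input: the article's per-port rules, explanatory text removed.
SINGLE_RULES = """\
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10337 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""
# The article's multiport variant, copied as written.
MULTIPORT_RULE = "-A INPUT -p tcp -m multiport --dports 21,25,80,110,3306,8080,10337 -j ACCEPT"

def expand(spec):
    """Expand a --dport/--dports value such as '80,8000:8002' into a set of ints."""
    ports = set()
    for part in spec.split(","):
        low, _, high = part.partition(":")
        ports.update(range(int(low), int(high or low) + 1))
    return ports

def accepted_tcp_ports(ruleset):
    """TCP destination ports that INPUT rules explicitly ACCEPT."""
    ports = set()
    for line in ruleset.splitlines():
        args = shlex.split(line, comments=True)  # '#' comment lines become []
        if args[:2] != ["-A", "INPUT"]:
            continue
        if "!" in args:  # negated matches need real rule evaluation
            raise ValueError("negated match not handled: " + line)
        opt = dict(zip(args, args[1:]))  # each option -> the token after it
        spec = opt.get("--dport") or opt.get("--dports")
        if opt.get("-p") == "tcp" and opt.get("-j") == "ACCEPT" and spec:
            ports |= expand(spec)
    return ports

def extra_ports(single, multi):
    """Ports opened only by `multi`, then ports opened only by `single`."""
    a, b = accepted_tcp_ports(single), accepted_tcp_ports(multi)
    return sorted(b - a), sorted(a - b)

if __name__ == "__main__":
    print(extra_ports(SINGLE_RULES, MULTIPORT_RULE))
```

Running the same comparison before swapping one rule form for another shows whether the change silently widens the set of exposed ports.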

