To drop all internet traffic that is new iptables -A INPUT -i eth0 -s 0.0.0.0/0 -m conntrack --ctstate NEW -j DROP
iptables -A INPUT -i eth0 -s 0.0.0.0/0 -m conntrack --ctstate NEW -j DROP
To allow only your ip on tcp/22 iptables -A INPUT -i eth0 -s a.b.c.d/32 -m conntrack --ctstate NEW -j ACCEPT
iptables -A INPUT -i eth0 -s a.b.c.d/32 -m conntrack --ctstate NEW -j ACCEPT