Index: scripts/lockdown.sh
===================================================================
diff -u -r20ab6dc6236a0866e699e1c2bfa61be4ae413f2f -r9b8e81e83ef067dff42206a6642a6d87086a6474
--- scripts/lockdown.sh (.../lockdown.sh) (revision 20ab6dc6236a0866e699e1c2bfa61be4ae413f2f)
+++ scripts/lockdown.sh (.../lockdown.sh) (revision 9b8e81e83ef067dff42206a6642a6d87086a6474)
@@ -167,6 +167,40 @@
 }
 ############################################################################
+# Turn on IPTables Firewall security.
+#
+# Globals:
+# None
+# Arguments:
+# None
+# Outputs:
+# None
+############################################################################
+function secureIPTables() {
+ local fileTarget="/etc/iptables/iptables.rules"
+
+ # Flush current iptable configuration.
+ iptables -F
+
+ # Allow established connections to come input.
+ iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+
+ # Localhost
+ iptables -A INPUT -i lo -j ACCEPT
+
+ # SSH
+ iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+ iptables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
+
+ # Default Rules
+ iptables -A INPUT -j DROP
+ iptables -A FORWARD -j DROP
+ iptables -A OUTPUT -j ACCEPT
+
+ iptables-save > $fileTarget
+}
+
+############################################################################
 # Turn on some ssh security.
 #
 # Globals:
@@ -265,6 +299,9 @@
 setPermissionsCustomerAppFiles
 updateSudoers
+ # Block incoming traffic except for ssh and established.
+ secureIPTables
+
 # Turn off root login in by ssh.
 # secureSsh
 }
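Review bot: A failing rule in secureIPTables is never detected, so if the `--dport 22` ACCEPT fails to load (for example because the tcp/state match modules are unavailable) the trailing `iptables -A INPUT -j DROP` still runs and cuts off the SSH session the script is most likely being driven over, and `iptables-save > $fileTarget` fails silently when /etc/iptables does not exist (the path is also unquoted). Each iptables call should abort the function on error before anything is saved, the catch-all DROP is more robust as a chain policy (`iptables -P INPUT DROP`) than as an appended rule that shadows any rule added later, and the save should create the directory and quote the path; the call site added in the second hunk should then check the status, `secureIPTables || exit 1`. Only IPv4 is filtered here — if the host has IPv6 connectivity, ip6tables needs matching rules or the "block incoming traffic" comment at the call site does not hold. Note too that `iptables -F` leaves the nat/mangle tables and any user-defined chains untouched, which is fine for a fresh host but worth stating in the function header.
```shell
function secureIPTables() {
  local fileTarget="/etc/iptables/iptables.rules"

  # Abort (without saving) on the first failing rule so a partial ruleset is
  # never persisted; the caller must check the return status.
  iptables -F || return 1
  iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT || return 1
  iptables -A INPUT -i lo -j ACCEPT || return 1
  iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT || return 1
  iptables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT || return 1

  # Chain policies instead of trailing DROP rules, so rules appended later
  # are not silently shadowed by the DROP.
  iptables -P INPUT DROP || return 1
  iptables -P FORWARD DROP || return 1
  iptables -P OUTPUT ACCEPT || return 1

  mkdir -p -- "${fileTarget%/*}" || return 1
  iptables-save > "$fileTarget" || return 1
}
```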