I wrote the following iptables rules.
My main intention was to do these things:
allow ssh traffic to any machine
allow web traffic (http, https, and some ssh) to a select number of websites (effectively a whitelist)
allow all traffic to 192.168.0.x (machines in my subnet)
allow all traffic with the loopback interface
don't mess up the current connections
I have been working on a personal project that requires HTTP traffic, destined for the WAN (on my ADSL router, 10.10.10.254), to be routed to an internal box (let's call it 10.10.10.1/24, listening on port 8888).