diff -r 000000000000 -r 60bc07f3f415 network/if-pre-up.d/01_ssh_only_eth0
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/network/if-pre-up.d/01_ssh_only_eth0	Thu Feb 27 17:12:59 2014 +0100
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+# Only run once (not for every interface)
+if [ "$IFACE" != "--all" ]
+then
+	exit 0
+fi
+
+# only allow ssh connections on eth0 (host only)
+iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
+iptables -A INPUT -p tcp --dport 22 -j REJECT