1. close all incoming ports
iptables -P INPUT DROP
2. open all outgoing ports
iptables -P OUTPUT ACCEPT
3. open port 80 for all incoming connections
iptables -A INPUT --dport 80 -j ACCEPT
4. open ports 22 and 5432 only for a specific IP
iptables -A INPUT -m multiport --dports 22,5432 -s IP_ADDRESS -j ACCEPT

should be something like this
# Настраиваем политики по умолчанию
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# удаляем все имеющиеся правила
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
iptables -t nat -X
iptables -t mangle -X
# правила входящих соединений
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth0 --match state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 80 --match state --state NEW -j ACCEPT
iptables -A INPUT -i eth0 --source 192.168.0.10 -p tcp --dport 22 --match state --state NEW -j ACCEPT
iptables -A INPUT -i eth0 --source 192.168.0.10 -p tcp --dport 5432 --match state --state NEW -j ACCEPT
# Правила исходящих соединений
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -o eth0 --match state --state NEW, ESTABLISHED, RELATED -j ACCEPT


If suddenly there is a graphical shell, then you can install Firestarter. And so something I myself suffered with iptables, we must wait for the experienced.

If you have Ubuntu, for example, then it is easier and more convenient to make settings through UFW - help.ubuntu.com/community/UFW is simplicity and elementary!

Since the "simplifiers" of iptables settings are already advised, I will advise: I use shorewall - a fairly easy-to-configure interface (configuration files are simple, in addition, you can even find a simple GUI for it, although there are still more possibilities manually).