I have a doubt about allow lo traffic. May I use this rule? iptables -A INPUT -s lo -d lo -j ACCEPT
-s and -d expects IP addresses (or hostnames, but they are converted to IP at the time you enter the command). So, unless lo happens to be a hostname, this does not work.
Or, is it the correct form? iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT
This is correct.