How to: Allow telnet and ssh through iptables under Linux

Q. I run both RHEL / CentOS Linux servers and by default the firewall blocks everything, including telnet / ssh access. How do I allow telnet (port 23) and ssh (port 22) through the Linux iptables firewall?


A. By default, firewall rules are stored in the file /etc/sysconfig/iptables under CentOS / RHEL. All you have to do is modify this file to add rules that open port 22 or 23.

Login as the root user.

Open the /etc/sysconfig/iptables file, enter:
# vi /etc/sysconfig/iptables
Find the line that reads as follows:
COMMIT
To open port 22 (ssh), enter (before the COMMIT line):

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

To open port 23 (telnet), enter (before the COMMIT line):

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT

Save and close the file. Restart the firewall:
# /etc/init.d/iptables restart
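
The edit described in the steps above, scripted as an added example (not part of the original page). It assumes the RH-Firewall-1-INPUT chain may end in a catch-all REJECT rule, as in the constructed sample, and places the new line ahead of it because rules are matched in order; the optional third argument limits the rule to one source address or network.

```shell
#!/bin/sh
# Added example; add_port_rule and sample_rules are hypothetical names.
# Usage: add_port_rule FILE PORT [SOURCE]
add_port_rule() {
    file=$1; port=$2; src=${3:-}
    rule="-A RH-Firewall-1-INPUT"
    [ -n "$src" ] && rule="$rule -s $src"
    rule="$rule -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT"

    # Idempotent: an identical line means there is nothing to do.
    grep -qxF -e "$rule" "$file" && return 0

    tmp=$(mktemp) || return 1
    # Rules match top to bottom, so insert before the chain's catch-all
    # REJECT/DROP when it has one, otherwise before the *filter COMMIT.
    awk -v rule="$rule" '
        /^[*]/ { in_filter = ($0 == "*filter") }
        in_filter && !ins &&
        (/^-A RH-Firewall-1-INPUT -j (REJECT|DROP)/ || $0 == "COMMIT") {
            print rule; ins = 1
        }
        { print }
    ' "$file" > "$tmp" && cat "$tmp" > "$file"   # cat keeps mode and SELinux label
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Constructed sample in iptables-save format, not a real server's rules.
sample_rules() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}
```

Run it against a copy of the rules file first; where the installed iptables-restore supports --test, `iptables-restore --test < FILE` parses the result without loading it.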

5 comments
  • X-Modius Nov 27, 2007 @ 20:55

    To get fancy with iptables and block repeated failed connection attempts, check out this article:

    http://www.itwire.com/content/view/13841/53

  • Shiva May 24, 2008 @ 7:42

    send me code of linux firewall in C.

  • 🐧 nixCraft May 24, 2008 @ 15:48
  • Liju Jun 1, 2008 @ 16:15

    Hi,

    I don’t think this is not a good idea to allow telnet access nowadays. Nobody is using telnet on a Linux box. Disable this service first.

    Also, it is not a good idea to allow ssh access to everyone over the net.
    # Permit SSH access to my ip and my network
    /sbin/iptables -A INPUT -s 8.23.2.11 -p tcp --dport ssh -j ACCEPT
    /sbin/iptables -A INPUT -s 4.3.8.0/24 -p tcp --dport ssh -j ACCEPT

  • V.Balaviswanathan Jun 18, 2009 @ 9:11

    Thanks for the info. How do I use iptables in squid to block messenger or chat tools? Could anyone help me, please?
