How to: Allow telnet and ssh through iptables under Linux

Q. I run both RHEL / CentOS Linux servers, and by default the firewall blocked out everything including telnet / ssh access. How do I allow telnet (port 23) and ssh (port 22) through the Linux iptables firewall?

A. By default, the firewall rules are stored in the /etc/sysconfig/iptables file under CentOS / RHEL. All you have to do is modify this file to add rules to open port 22 or 23.

Login as the root user.

Open the /etc/sysconfig/iptables file, enter:
# vi /etc/sysconfig/iptables
Find the line that reads as follows:
COMMIT
To open port 22 (ssh), enter (before COMMIT line):

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

To open port 23 (telnet), enter (before COMMIT line):

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT

Save and close the file. Restart the firewall:
# /etc/init.d/iptables restart
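
The edit described above, as an added shell example (not part of the original article): it adds the rule to a copy of the ruleset idempotently and places it ahead of a catch-all REJECT or DROP in the RH-Firewall-1-INPUT chain when one is present, because a rule that sits after such a REJECT is never reached. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of an /etc/sysconfig/iptables ruleset (not from a real host).
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# add_port_rule FILE PORT (hypothetical helper): print FILE with an ACCEPT rule
# for new TCP connections to PORT added to the RH-Firewall-1-INPUT chain.
add_port_rule() {
    file=$1 port=$2
    rule="-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT"
    # Idempotent: if the exact rule already exists, emit the file unchanged.
    if grep -qxF -e "$rule" "$file"; then
        cat "$file"
        return 0
    fi
    awk -v rule="$rule" '
        /^\*/ { table = $0 }   # remember the current table (*filter, *nat, ...)
        # Insert once, in *filter only: before the catch-all REJECT/DROP of
        # the chain if there is one, otherwise before COMMIT.
        table == "*filter" && !done &&
        (/^-A RH-Firewall-1-INPUT -j (REJECT|DROP)/ || $0 == "COMMIT") {
            print rule; done = 1
        }
        { print }
    ' "$file"
}

# Demo on a temporary copy; the live firewall file is not touched.
tmp=$(mktemp) && sample_ruleset > "$tmp" && add_port_rule "$tmp" 22
rm -f "$tmp"
```

Review the printed ruleset before writing it to /etc/sysconfig/iptables and restarting the firewall as shown above.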


5 comments… add one
  • X-Modius Nov 27, 2007 @ 20:55

    To get fancy with iptables and block repeated failed connection attempts, check out this article:

    http://www.itwire.com/content/view/13841/53

  • Shiva May 24, 2008 @ 7:42

    Send me code of Linux firewall in C.

  • 🐧 nixCraft May 24, 2008 @ 15:48
  • Liju Jun 1, 2008 @ 16:15

    Hi,

    I don’t think this is a good idea to allow telnet access nowadays. Nobody is using telnet on a Linux box. Disable this service first.

    Also it is not a good idea to allow ssh access to everyone over the net
    # Permit SSH access to my ip and my network
    /sbin/iptables -A INPUT -s 8.23.2.11 -p tcp --dport ssh -j ACCEPT
    /sbin/iptables -A INPUT -s 4.3.8.0/24 -p tcp --dport ssh -j ACCEPT

  • V.Balaviswanathan Jun 18, 2009 @ 9:11

    Thanks for the info. How do I use iptables in squid to block messenger or chat tools? Could anyone help me please?
