Q. I run both RHEL / CentOS Linux server and by default firewall blocked out everything including telnet / ssh access. How do I allow telnet – port 23 and ssh port 22 thought Linux iptables firewall ?
A.By default firewall rules stored at /etc/sysconfig/iptables location / file under CentOS / RHEL. All you have to do is modify this file to add rules to open port 22 or 23.
Login as the root user.
Open /etc/sysconfig/iptables file, enter:
# vi /etc/sysconfig/iptables
Find line that read as follows:
COMMIT
To open port 22 (ssh), enter (before COMMIT line):
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
To open port 23 (telnet), enter (before COMMIT line):
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
Save and close the file. Restart the firewall:
# /etc/init.d/iptables restart
🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.
🐧 5 comments so far... add one ↓
🐧 5 comments so far... add one ↓
Related Tutorials
| Category | List of Unix and Linux commands |
|---|---|
| Disk space analyzers | df • duf • ncdu • pydf |
| File Management | cat • cp • mkdir • tree |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Modern utilities | bat • exa |
| Network Utilities | NetHogs • dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • glances • gtop • jobs • killall • kill • pidof • pstree • pwdx • time • vtop |
| Searching | ag • grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
To get fancy with iptables and block repeated failed connection attempts, check out this article:
http://www.itwire.com/content/view/13841/53
send me code of linux firewall in C.
http://www.netfilter.org/
Hi,
I don’t think this is not a good idea to allow telnet access nowaday.nobody is using telnet on linux box. Disable this service first
Also it is not a good idea to allow ssh access to everyone over the net
# Permitt SSH access to my ip and my network
/sbin/iptables -A INPUT -s 8.23.2.11 -p tcp –dport ssh -j ACCEPT
/sbin/iptables -A INPUT -s 4.3.8.0/24 -p tcp –dport ssh -j ACCEPT
Thanks for the info, How do I use iptables in squid to block messanger or chat tools? Could any one help me please