How to: Allow telnet and ssh through iptables under Linux

Q. I run both RHEL / CentOS Linux servers, and by default the firewall blocks everything, including telnet / ssh access. How do I allow telnet (port 23) and ssh (port 22) through the Linux iptables firewall?

A. By default, firewall rules are stored in the /etc/sysconfig/iptables file under CentOS / RHEL. All you have to do is modify this file to add rules that open port 22 or 23.

Log in as the root user.

Open the /etc/sysconfig/iptables file, enter:
# vi /etc/sysconfig/iptables
Find the line that reads as follows:
COMMIT
To open port 22 (ssh), enter (before the COMMIT line):

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

To open port 23 (telnet), enter (before COMMIT line):

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT

Save and close the file. Restart the firewall:
# /etc/init.d/iptables restart
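
Rule order matters here: iptables stops at the first matching rule, and rules files that use the RH-Firewall-1-INPUT chain typically end it with a catch-all REJECT directly above COMMIT, so a new ACCEPT only takes effect if it sits above that line. The script below is an added example, not part of the original article; `add_port_rule` and `sample_rules` are hypothetical helper names, and the sample rules file is constructed.

```shell
#!/bin/sh
# Added example, not from the original article.
# add_port_rule FILE PORT [CHAIN]: insert the article's ACCEPT rule into an
# iptables-save style FILE so that it is evaluated before any catch-all.
add_port_rule() {
    file=$1 port=$2 chain=${3:-RH-Firewall-1-INPUT}
    rule="-A $chain -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT"

    # Idempotent: leave the file alone if the exact rule line already exists.
    grep -qxF -- "$rule" "$file" && return 0

    tmp=$(mktemp) || return 1
    awk -v rule="$rule" -v chain="$chain" '
        /^\*/ { tbl = $0 }                      # "*filter", "*nat", ...
        # Insert once, in the filter table only: above the catch-all
        # REJECT/DROP of the chain, or above COMMIT if there is none.
        !ins && tbl == "*filter" && ($0 == "COMMIT" ||
            ($1 == "-A" && $2 == chain && $3 == "-j" && ($4 == "REJECT" || $4 == "DROP"))) {
            print rule; ins = 1
        }
        { print }
        END { exit(ins ? 0 : 1) }               # fail if nothing was inserted
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # cat (not mv) keeps the owner, mode and SELinux context of FILE.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# Constructed sample using the RH-Firewall-1-INPUT layout the article assumes.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Demo on a temporary copy, never the live /etc/sysconfig/iptables.
demo=$(mktemp) && sample_rules > "$demo" &&
    add_port_rule "$demo" 22 && cat "$demo"
rm -f "$demo"
```

Run it against a copy of the rules file first and check the result with `iptables-restore --test < file` before restarting the firewall.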


5 comments
  • X-Modius Nov 27, 2007 @ 20:55

    To get fancy with iptables and block repeated failed connection attempts, check out this article:

    http://www.itwire.com/content/view/13841/53

  • Shiva May 24, 2008 @ 7:42

    send me code of linux firewall in C.

  • 🐧 nixCraft May 24, 2008 @ 15:48
  • Liju Jun 1, 2008 @ 16:15

    Hi,

    I don’t think this is not a good idea to allow telnet access nowadays. Nobody is using telnet on a Linux box. Disable this service first.

    Also it is not a good idea to allow ssh access to everyone over the net
    # Permit SSH access to my ip and my network
    /sbin/iptables -A INPUT -s 8.23.2.11 -p tcp --dport ssh -j ACCEPT
    /sbin/iptables -A INPUT -s 4.3.8.0/24 -p tcp --dport ssh -j ACCEPT

  • V.Balaviswanathan Jun 18, 2009 @ 9:11

    Thanks for the info. How do I use iptables in squid to block messenger or chat tools? Could anyone help me please?
