You haven't given us enough to make a good evaluation. Is your INPUT policy DROP? Is your ssh destination this system or elsewhere? It makes a difference. I'm hearing iptables can still be used with nftables but I haven't had need to investigate, you should look into the interaction of the two to make sure that's not causing problems. Just a couple of possibilities. I don't know if nftables still has the raw table which allows you to do an in-depth (and laborious) analysis of what's happening by using the -J TRACE option but, if you can't find the issue by other means, it may be necessary.
________________________________
From: CentOS <centos-bounces@centos.org> on behalf of Phil Perry <pperry@elrepo.org>
Sent: Thursday, July 16, 2020 10:54 AM
To: centos@centos.org <centos@centos.org>
Subject: [EXTERNAL] Re: [CentOS] Iptables rules not working
Leroy Tennison Network Information/Cyber Security Specialist E: leroy@datavoiceint.com
On 16/07/2020 16:48, Kaushal Shriyan wrote:
Hi,
I am running CentOS Linux release 8.2.2004 (Core) on a remote server. I am running the below iptables command to allow SSH port 22 from a specific source IP 219.91.200.59
iptables -A INPUT -m tcp -p tcp -s 219.91.200.59 --dport 22 -j ACCEPT
service iptables save
The above iptables ruleset is not working and I am still able to connect from the internet to SSH port 22. I look forward to hearing from you and thanks in advance.
Best Regards,
Kaushal
EL8 does not use iptables by default - it's been replaced with nftables.
_______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
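The INPUT policy question raised in the first reply can be checked offline against an `iptables-save` dump. The script below is an added example, not code from anyone in this thread: `verdict_for`, the two constructed dumps, and the documentation address 203.0.113.7 (standing in for "any other host") are assumptions. It models first-match evaluation in a simplified way, understanding only `-s` with an exact address, `-p`, `--dport`, `-m tcp` and `-j`.

```sh
#!/bin/sh
# verdict_for SRC: read an iptables-save dump on stdin and print the verdict
# (ACCEPT/DROP/REJECT) a new tcp/22 packet from SRC gets in filter/INPUT.
# Simplified model: a rule using any other match is treated as not matching
# and is reported on stderr so it can be reviewed by hand.
verdict_for() {
    awk -v src="$1" '
    $1 == "*filter" { in_filter = 1; next }
    /^\*/           { in_filter = 0; next }
    !in_filter      { next }
    $1 == ":INPUT"  { policy = $2; next }
    $1 == "-A" && $2 == "INPUT" && verdict == "" {
        match_ok = 1; target = ""
        for (i = 3; i <= NF; i++) {
            if      ($i == "-s")      { i++; a = $i; sub(/\/32$/, "", a); if (a != src) match_ok = 0 }
            else if ($i == "-p")      { i++; if ($i != "tcp") match_ok = 0 }
            else if ($i == "--dport") { i++; if ($i != "22") match_ok = 0 }
            else if ($i == "-m" && $(i+1) == "tcp") { i++ }
            else if ($i == "-j")      { i++; target = $i; break }
            else { print "skipped (unsupported match): " $0 > "/dev/stderr"; match_ok = 0; break }
        }
        # First matching rule with a terminating target decides the packet.
        if (match_ok && (target == "ACCEPT" || target == "DROP" || target == "REJECT"))
            verdict = target
    }
    # No rule matched: the chain policy decides.
    END { print (verdict != "" ? verdict : policy) }'
}

# Constructed sample 1: INPUT policy ACCEPT plus only the rule from the post.
dump_policy_accept() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 219.91.200.59/32 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}
# Constructed sample 2: the same rule with INPUT policy DROP.
dump_policy_drop() { dump_policy_accept | sed 's/^:INPUT ACCEPT/:INPUT DROP/'; }

dump_policy_accept | verdict_for 203.0.113.7    # other host, policy ACCEPT
dump_policy_drop   | verdict_for 203.0.113.7    # other host, policy DROP
dump_policy_drop   | verdict_for 219.91.200.59  # the allowed source
```

With policy ACCEPT the ACCEPT rule for one source restricts nothing, because every non-matching packet falls through to the policy. A real DROP-policy ruleset also needs accepts for loopback and established traffic, which this model does not cover.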