[CentOS] Iptables rules not working

Thu Jul 16 16:36:19 UTC 2020
Leroy Tennison <leroy at datavoiceint.com>

You haven't given us enough to make a good evaluation.  Is your INPUT policy DROP?  Is your ssh destination this system or elsewhere, it makes a difference.  I'm hearing iptables can still be used with nftables but I haven't had need to investigate, you should look into the interaction of the two to make sure that's not causing problems.  Just a couple or possibilities.  I don't know if nftables still has the raw table which allows you to do an in depth (and laborious) analysis of what's happening by using the -J TRACE option but, if you can't find the issue by other means, it may be necessary.

From: CentOS <centos-bounces at centos.org> on behalf of Phil Perry <pperry at elrepo.org>
Sent: Thursday, July 16, 2020 10:54 AM
To: centos at centos.org <centos at centos.org>
Subject: [EXTERNAL] Re: [CentOS] Iptables rules not working

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.


Leroy Tennison
Network Information/Cyber Security Specialist
E: leroy at datavoiceint.com


2220 Bush Dr
McKinney, Texas

This message has been sent on behalf of a company that is part of the Harris Operating Group of Constellation Software Inc.

If you prefer not to be contacted by Harris Operating Group please notify us<http://subscribe.harriscomputer.com/>.

This message is intended exclusively for the individual or entity to which it is addressed. This communication may contain information that is proprietary, privileged or confidential or otherwise legally exempt from disclosure. If you are not the named addressee, you are not authorized to read, print, retain, copy or disseminate this message or any part of it. If you have received this message in error, please notify the sender immediately by e-mail and delete all copies of the message.

On 16/07/2020 16:48, Kaushal Shriyan wrote:
> Hi,
> I am running CentOS Linux release 8.2.2004 (Core) on a remote server. I am
> running the below iptables command to allow SSH port 22 from a specific
> source IP
> iptables -A INPUT -m tcp -p tcp -s --dport 22 -j ACCEPT
>> service iptables save
> The above iptables ruleset is not working and I am still able to connect
> from the internet to SSH port 22. I look forward to hearing from you and
> thanks in advance.
> Best Regards,
> Kaushal

EL8 does not use iptables by default - it's been replaced with nftables.

CentOS mailing list
CentOS at centos.org