[CentOS] Iptables rules not working

Thu Jul 16 16:36:19 UTC 2020
Leroy Tennison <leroy at datavoiceint.com>

You haven't given us enough to make a good evaluation.  Is your INPUT policy DROP?  Is your ssh destination this system or elsewhere?  It makes a difference.  I'm hearing iptables can still be used with nftables but I haven't had need to investigate; you should look into the interaction of the two to make sure that's not causing problems.  Just a couple of possibilities.  I don't know if nftables still has the raw table which allows you to do an in-depth (and laborious) analysis of what's happening by using the -J TRACE option but, if you can't find the issue by other means, it may be necessary.

________________________________
From: CentOS <centos-bounces at centos.org> on behalf of Phil Perry <pperry at elrepo.org>
Sent: Thursday, July 16, 2020 10:54 AM
To: centos at centos.org <centos at centos.org>
Subject: [EXTERNAL] Re: [CentOS] Iptables rules not working

On 16/07/2020 16:48, Kaushal Shriyan wrote:
> Hi,
>
> I am running CentOS Linux release 8.2.2004 (Core) on a remote server. I am
> running the below iptables command to allow SSH port 22 from a specific
> source IP 219.91.200.59
>
> iptables -A INPUT -m tcp -p tcp -s 219.91.200.59 --dport 22 -j ACCEPT
> service iptables save
>
>
> The above iptables ruleset is not working and I am still able to connect
> from the internet to SSH port 22. I look forward to hearing from you and
> thanks in advance.
>
> Best Regards,
>
> Kaushal

EL8 does not use iptables by default - it's been replaced with nftables.
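
Why the INPUT policy asked about above decides whether the posted rule restricts anything, as an added example that is not part of any poster's message: a small Python model of first-match chain evaluation over constructed `iptables -S INPUT` output. The ACCEPT policy and the function names are assumptions, and the model covers only the iptables chain shown, not nftables or firewalld rules that may also be loaded on EL8.

```python
import ipaddress
import shlex

# Constructed `iptables -S INPUT` output: the thread's rule appended to a chain
# whose policy is ACCEPT (an assumption; the poster did not show the policy).
AS_POSTED = """\
-P INPUT ACCEPT
-A INPUT -s 219.91.200.59/32 -p tcp -m tcp --dport 22 -j ACCEPT
"""
# The same chain with an explicit DROP for every other source on port 22.
WITH_DROP = AS_POSTED + "-A INPUT -p tcp -m tcp --dport 22 -j DROP\n"
# The same chain with the policy changed to DROP instead.
POLICY_DROP = AS_POSTED.replace("-P INPUT ACCEPT", "-P INPUT DROP")

def parse(ruleset):
    """Return (policy, rules) from `iptables -S <chain>` text."""
    policy, rules = None, []
    for tok in map(shlex.split, ruleset.splitlines()):
        if tok[:1] == ["-P"]:
            policy = tok[2]
            continue
        if tok[:1] != ["-A"]:
            raise ValueError(f"unsupported line: {tok}")
        rule, opts = {}, iter(tok[2:])
        for opt in opts:
            val = next(opts)
            if opt == "-s":
                rule[opt] = ipaddress.ip_network(val, strict=False)
            elif opt == "--dport":
                rule[opt] = int(val)  # single ports only; ranges raise
            elif opt in ("-p", "-j"):
                rule[opt] = val
            elif not (opt == "-m" and val in ("tcp", "udp")):
                raise ValueError(f"unsupported match: {opt} {val}")
        rules.append(rule)
    return policy, rules

def verdict(ruleset, src, proto, dport):
    """First matching terminating rule wins; otherwise the chain policy applies."""
    policy, rules = parse(ruleset)
    addr = ipaddress.ip_address(src)
    for r in rules:
        if "-s" in r and addr not in r["-s"]:
            continue
        if r.get("-p", proto) != proto or r.get("--dport", dport) != dport:
            continue
        if r.get("-j") in ("ACCEPT", "DROP", "REJECT"):
            return r["-j"]
    return policy
```

With the constructed address 198.51.100.7 as the client, `verdict(AS_POSTED, "198.51.100.7", "tcp", 22)` returns `ACCEPT` from the chain policy, while `WITH_DROP` and `POLICY_DROP` both return `DROP` and still accept 219.91.200.59.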
