On 16.07.20 at 18:11, Kaushal Shriyan wrote:
> On Thu, Jul 16, 2020 at 9:25 PM Phil Perry <pperry at elrepo.org> wrote:
>
>> On 16/07/2020 16:48, Kaushal Shriyan wrote:
>>> Hi,
>>>
>>> I am running CentOS Linux release 8.2.2004 (Core) on a remote server. I am
>>> running the below iptables command to allow SSH port 22 from a specific
>>> source IP 219.91.200.59
>>>
>>> iptables -A INPUT -m tcp -p tcp -s 219.91.200.59 --dport 22 -j ACCEPT
>>> service iptables save
>>>
>>> The above iptables ruleset is not working and I am still able to connect
>>> from the internet to SSH port 22. I look forward to hearing from you and
>>> thanks in advance.
>>>
>>> Best Regards,
>>>
>>> Kaushal
>>
>> EL8 does not use iptables by default - it's been replaced with nftables.
>
> Hi,
>
> I have run the below command but I am still able to connect from the
> internet. Do I need to add any drop traffic policy using nft?
>
> # nft add rule ip filter INPUT ip saddr 219.91.200.59/32 tcp dport 22 ct state new,established counter accept
>
> Any help will be highly appreciated. Thanks in advance.

Better start with firewalld, a frontend to nft

What is the output of

firewall-cmd --list-all

--
Leon
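The allow-then-drop behaviour the thread is asking about, as an added example that is not part of the original messages: an nftables ruleset file showing an accept-only chain (as a comment) beside a form that actually restricts port 22. The table name "ssh_guard" is an assumption made for the example; the address is the one quoted in the thread.

```nft
#!/usr/sbin/nft -f
# Added example. The table name "ssh_guard" is hypothetical; the address
# 219.91.200.59 is the one quoted in the thread.
#
# Weak form (what an accept rule on its own amounts to): the chain policy
# is accept and nothing drops, so every other source still reaches port 22.
#
#   table ip filter {
#       chain INPUT {
#           type filter hook input priority 0; policy accept;
#           ip saddr 219.91.200.59 tcp dport 22 ct state new,established counter accept
#       }
#   }
#
# Corrected form: the allow rule is followed by an explicit drop for the
# same port. The inet family covers IPv4 and IPv6, so SSH over IPv6 is
# dropped as well.
table inet ssh_guard {
    chain input {
        # policy stays accept so only port 22 is affected by this table
        type filter hook input priority 0; policy accept;

        # allowed source; the counter shows hits in "nft list ruleset"
        ip saddr 219.91.200.59 tcp dport 22 counter accept

        # every other source on port 22; a drop verdict is final
        tcp dport 22 counter drop
    }
}
```

Load it with `nft -f` from a session that originates at the allowed address or from the console, and check the counters with `nft list ruleset`. An accept in this chain does not override a drop or reject in another base chain such as firewalld's, so the address must also be permitted there.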