0

I'm trying to block port 22 to disallow incoming ssh connections on a Ubuntu VM. I have issued the command:

$> iptables -A INPUT -p tcp -dport 22 -s ###.##.##.## -j DROP

But I can still ssh into the VM. nmap reports that port 22 is still open.

How do I block port 22 to prevent incoming ssh?

1 Answers1

2

The thing to remember is that firewall rules are checked in the order they are listed. The kernel will stop processing the chain when a rule is triggered that will either allow or dis-allow a packet or connection.

I think the most common mistake for novice firewall administrators is that they follow the correct instructions to open or block a new connection, such as the one one you did and then discover that it won't take effect.

The reason for that is that the -A option adds that new rule, after all existing rules and you probably have a higher priority existing rule that allows SSH.

Use -I to insert your new rules as the first in the chain and they will not be negated by existing rules, or rather , always look at your complete firewall config

See also Debugging iptables and common firewall pitfalls?

Bob
  • 5,335
  • 5
  • 24