Frequently Asked Questions


41. How do I set firewall rules in Linux to block SSH?

This is an example of how to set firewall rules in Linux. The iptables commands below first open incoming port 22/tcp (SSH) for the university network and then drop SSH from all other sources.

The first command (iptables) appends a rule (-A) to the input chain (INPUT) for protocol TCP (-p tcp) with destination port 22, SSH (--destination-port 22), and a source address (-s) in the university network (130.238/16); packets matching the rule jump to the ACCEPT target (-j ACCEPT) and are accepted.

The second command drops all other incoming SSH packets (port 22/tcp) that did not match the first rule. The order matters: iptables uses the first matching rule, so the ACCEPT rule must come before the DROP rule.

# iptables -A INPUT -p tcp --destination-port 22 -s 130.238/16 -j ACCEPT
# iptables -A INPUT -p tcp --destination-port 22 -j DROP

How to save the rules differs between distributions. In CentOS 7 I use the command service iptables save. In Ubuntu/Debian, install the package iptables-persistent and then run the command iptables-save > /etc/iptables/rules.v4. Reboot the computer to check that the firewall rules stick.

To see the current firewall rules run this command:

# iptables -L -n
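The same rules written as a small shell script (an added example, not part of the original FAQ): it generates the rules in iptables-save format, so they can be applied with iptables-restore and saved as a file, and it checks the one thing that commonly goes wrong, namely rule order, since iptables takes the first matching rule and an ACCEPT appended after the DROP never matches. The network 130.238.0.0/16 (the long form of 130.238/16 above), the extra network in the usage, and the temporary file are assumptions for the demo.

```shell
#!/bin/sh
# Added example, not from the original FAQ: generate the SSH firewall rules
# in iptables-save format, check the rule order, and show how to apply and
# save them. The networks and the temporary file name are assumptions.

# Print an iptables-restore file that accepts SSH (22/tcp) from each given
# source network and drops SSH from everywhere else. Order matters: iptables
# uses the first matching rule, so the ACCEPT lines come before the DROP.
# Usage: ssh_rules "130.238.0.0/16" ["10.0.0.0/8" ...]
ssh_rules() {
  printf '%s\n' '*filter'
  for net in "$@"; do
    printf '%s\n' "-A INPUT -p tcp --destination-port 22 -s $net -j ACCEPT"
  done
  printf '%s\n' '-A INPUT -p tcp --destination-port 22 -j DROP'
  printf '%s\n' 'COMMIT'
}

# Check a rules file: every ACCEPT for port 22 must precede the DROP for
# port 22, otherwise the ACCEPT rules can never match. Returns 0 if the
# order is correct, 1 if an ACCEPT appears after the DROP.
check_order() {
  awk '
    BEGIN { drop_seen = 0; bad = 0 }
    /--destination-port 22 .*-j DROP/   { drop_seen = 1 }
    /--destination-port 22 .*-j ACCEPT/ { if (drop_seen) bad = 1 }
    END { exit bad }
  ' "$1"
}

# Demo, no root needed: write the rules to a temporary file and verify them.
rules_file=$(mktemp)
ssh_rules "130.238.0.0/16" > "$rules_file"
if check_order "$rules_file"; then
  cat "$rules_file"
fi
# As root, apply the file with:   iptables-restore < "$rules_file"
# On Debian/Ubuntu with iptables-persistent, keep them across reboots with:
#   iptables-save > /etc/iptables/rules.v4
```

Apply the rules from a local console (or a session you can get back to) rather than only over SSH, and check the result with iptables -L -n before relying on it; a DROP that ends up in front of the ACCEPT locks out the university network too.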

Also, to limit which accounts can log in via SSH you can use the AllowUsers keyword in /etc/ssh/sshd_config like this:

AllowUsers myaccount

To allow more users:

AllowUsers firstaccount secondaccount

Restart or reload sshd, or restart the computer, to apply the new sshd configuration.

Read more about iptables at the Netfilter homepage.

This entry linux.iptables was last modified 2018-06-04

This documentation is covered by GNU Free Documentation License.