• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 543
  • Last Modified:

Dropped port 22 in iptables - is this permanent?

I issued the following command not thinking through all of the implications:
iptables -I INPUT -m tcp -p tcp --dport 22 -j DROP
I was immediately dropped from the server - I thought my connection would remain as when you start and stop sshd.  My question is - is port 22 permanently dropped? Is there anyway around this?  If I powercycle the server will sshd on port 22 still be blocked?  Basically - I am looking for a way to login.
As background I issued the command in an attempt to do all of the following:
iptables -I INPUT -m tcp -p tcp --dport 22 -m state --state NEW -m limit --limit 3/min --limit-burst 3 -j ACCEPT
iptables -I INPUT -m tcp -p tcp -s 74.95.55.58 --dport 22 -j ACCEPT
iptables -I INPUT -m tcp -p tcp --dport 22 -m state --state ESTABLISHED,RELATED -j ACCEPT
to eliminate an ssh attack that was happening.
0
lucideous
Asked:
lucideous
2 Solutions
 
ravenplCommented:
Reboot should make ssh port open again, unless You also have saved the rule into firewall permanent rules - have You?

BTW: to eliminate most of automated attacks, You could set up sshd to listen on some custom port instead of 22. It's not security(it's obscurity), but works good against script kiddies and botnets. I do it personally.
0
 
lucideousAuthor Commented:
The only command that I issued was:
iptables -I INPUT -m tcp -p tcp --dport 22 -j DROP
Does this permanently save the rule to the firewall?  I won't be able to attempt a reboot until Monday morning.  After I test the solution I will give you the points.  Thanks so much for your reply and I look forward to learning if this above command is saved.
0
 
http:// thevpn.guruCommented:
If you have webmin installed you can logon to webmin and issue some commands using the command form to delete the entry you added from iptables

Using (Note the -D)

iptables -D INPUT -m tcp -p tcp --dport 22 -j DROP

 or overwrite the command by using the following IPTABLES rule, this will add an accept rule before the DROP rule and therefore it will match first and thus accepting ssh connections

iptables -I INPUT -m tcp -p tcp --dport 22 -j ACCEPT

as @ravenpl said a reboot can fix it too.



0

Featured Post

[Webinar] Improve your customer journey

A positive customer journey is important in attracting and retaining business. To improve this experience, you can use Google Maps APIs to increase checkout conversions, boost user engagement, and optimize order fulfillment. Learn how in this webinar presented by Dito.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now