[SOLVED] Help Me Configure My Firewall to Accept SSH...

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help

[SOLVED] Help Me Configure My Firewall to Accept SSH...

Postby w201 on Fri Jan 25, 2013 10:10 pm

Hey everyone,

I can't seem to ssh into my mint machine from another linux machine, unless I turn off my firewall.

With the firewall active, If I go to administration >firewall configuration and add rules to allow ssh connections through port 22 from a LAN address to another LAN address, it still doesn't work. Any of you guys know how to set this up so I can ssh without having to turn off my firewall?

Thanks a bunch!
Last edited by w201 on Sat Jan 26, 2013 1:14 am, edited 1 time in total.
w201
Level 2
Level 2
 
Posts: 82
Joined: Wed Aug 22, 2012 8:34 pm

Linux Mint is funded by ads and donations.
 

Re: Help Me Configure My Firewall to Accept SSH Connections

Postby mint-me on Sat Jan 26, 2013 12:15 am

I assume you are using gufw/ufw.

Set the top drop-down, Incoming -> Allow
this will allow all incoming connections.

Allow ftp connection first, add rule from "Advanced" tab:
Allow > In > Both
From: IP [Client]
To: IP [Server] Port [22]

Then block all other incoming, add rules from "Simple" tab:
Deny > In > TCP 1:65535
Deny > In > UDP 1:65535

That should do it.
Mint 17 Cinnamon 64bit
Dell Inspiron 15R(N5110) Intel i7-2670QM, 4GB DDR3 1333Mhz, Intel 6 Express HM67
GeForce GT525M, 500G SATA, 15.6" HD 1366x768 Optimus on Bumblebee
mint-me
Level 2
Level 2
 
Posts: 83
Joined: Sat May 26, 2012 2:25 am
Location: australia

Re: Help Me Configure My Firewall to Accept SSH Connections

Postby w201 on Sat Jan 26, 2013 1:13 am

mint-me wrote:I assume you are using gufw/ufw.

Set the top drop-down, Incoming -> Allow
this will allow all incoming connections.

Allow ftp connection first, add rule from "Advanced" tab:
Allow > In > Both
From: IP [Client]
To: IP [Server] Port [22]

Then block all other incoming, add rules from "Simple" tab:
Deny > In > TCP 1:65535
Deny > In > UDP 1:65535

That should do it.


That did it, mint-me. You're a rockstar :mrgreen:
w201
Level 2
Level 2
 
Posts: 82
Joined: Wed Aug 22, 2012 8:34 pm

Re: [SOLVED] Help Me Configure My Firewall to Accept SSH...

Postby mint-me on Sat Jan 26, 2013 7:29 pm

Glad to be of help, w201.

The way you are doing it (SSH) is also my favorite, and most secure way to connect on the network.

Enjoy!
Mint 17 Cinnamon 64bit
Dell Inspiron 15R(N5110) Intel i7-2670QM, 4GB DDR3 1333Mhz, Intel 6 Express HM67
GeForce GT525M, 500G SATA, 15.6" HD 1366x768 Optimus on Bumblebee
mint-me
Level 2
Level 2
 
Posts: 83
Joined: Sat May 26, 2012 2:25 am
Location: australia

Re: [SOLVED] Help Me Configure My Firewall to Accept SSH...

Postby ronkz on Sat Aug 16, 2014 2:37 pm

@Mint-Me:
Your solutions here appear to be correct. BUT I made those settings and they don't work for me.
I'm running Cinnamon 16 until I can manage to install Mate 17 - another story. Have installed GUTW and UTW was already here.

My servers are ISP Frontier.com and Webserver Powweb.com;
I can receive/send on both servers using their webmail.
But on Thunderbird 24.6.0 neither server's smtp will Send
On Powweb my new POP mail comes in fine, but I cannot reply/send.
On Frontier neither POP nor SMTP works.
Thunderbird was working okay until maybe a couple of months ago but then no longer did what is expected on send/receive.

The only other thing I can think of causing this problem would be the Anti-Virus app I installed about the same time when all these problems arose. It seems that messing with the firewall settings fixes nothing.

I'd appreciate any thoughts you may have
Ditching WinDoze tough but necessary
User avatar
ronkz
Level 1
Level 1
 
Posts: 41
Joined: Thu Mar 21, 2013 9:35 am
Location: Arizona Rockies

Re: [SOLVED] Help Me Configure My Firewall to Accept SSH...

Postby mint-me on Sat Aug 16, 2014 6:43 pm

hi rokz, this sounds like email problems which may (or may not) be caused by Firewall settings. Really should post this as a new thread.
Generally you will ALLOW OUT mostly everything, and DENY IN mostly everything with exceptions to allow incoming requests to a server - on your machine.

Do you use anything to monitor connections? That is essential if you want to "see" whats happening. Here is a handy program that can help, and is available in Mint repos.


hardinfo


It's called "hardinfo" and once installed, appears under
Menu > Administration > System Profiler and Benchmark

Install it from Software Manager, or open terminal and enter
Code: Select all
sudo apt-get install hardinfo


The section I frequently use to monitor connections is
Network > IP Connections

A shortcut can be made that launches just the Network module, just insert this as Command:
Code: Select all
hardinfo -m network.so



Now you can see all connections made, IP Addresses and Ports. For email there are various ports used, so monitor whats happening and craft your firewall rules accordingly.
Mint 17 Cinnamon 64bit
Dell Inspiron 15R(N5110) Intel i7-2670QM, 4GB DDR3 1333Mhz, Intel 6 Express HM67
GeForce GT525M, 500G SATA, 15.6" HD 1366x768 Optimus on Bumblebee
mint-me
Level 2
Level 2
 
Posts: 83
Joined: Sat May 26, 2012 2:25 am
Location: australia

Re: [SOLVED] Help Me Configure My Firewall to Accept SSH...

Postby ronkz on Sun Aug 17, 2014 10:09 am

@mint-me
Well, yes, part of my post might be considered a diversion, for which I apologize, but all I was really doing was reporting that the solution didn't work for me, and 'fessing I did figure that the problems lie elsewhere.

As to HARDINFO, I installed and ran it, and it's amazing, but seeing all that information, understanding what it's all about, and being able to do something with it, is way beyond me! So I thank you for the info, but I'm unable to attack from this angle. I guess I'll have to try (and probably again fail) to get my ISP support at frontier.com to fix my headaches. Frankly, they say they don't support anything Linux, plus it's apparent few of them even know Thunderbird. So I'm hunting now for a better ISP, which under these circumstances is quite a task!

So I thank you for showing your savvy. amd we can both just move on to other matters!

:oops:
Ditching WinDoze tough but necessary
User avatar
ronkz
Level 1
Level 1
 
Posts: 41
Joined: Thu Mar 21, 2013 9:35 am
Location: Arizona Rockies

Linux Mint is funded by ads and donations.
 

Return to Newbie Questions

Who is online

Users browsing this forum: Bing [Bot], lewtwo, simonbrown and 20 guests