Oracle Cloud Infrastructure Ubuntu images are set up by default with a basic firewall, which filters all incoming connections except for SSH.
To list the rules, and later modify them, run: sudo iptables -L INPUT --line-numbers
Output:
Chain INPUT (policy ACCEPT)
num  target  prot  opt  source    destination
1    ACCEPT  all   --   anywhere  anywhere     state RELATED,ESTABLISHED
2    ACCEPT  icmp  --   anywhere  anywhere
3    ACCEPT  all   --   anywhere  anywhere
4    ACCEPT  udp   --   anywhere  anywhere     udp spt:ntp
5    ACCEPT  tcp   --   anywhere  anywhere     state NEW tcp dpt:ssh
6    REJECT  all   --   anywhere  anywhere     reject-with icmp-host-prohibited
To remove line 6, execute: sudo iptables -D INPUT 6
sudo iptables -L INPUT --line-numbers will then show:
Chain INPUT (policy ACCEPT)
num  target  prot  opt  source    destination
1    ACCEPT  all   --   anywhere  anywhere     state RELATED,ESTABLISHED
2    ACCEPT  icmp  --   anywhere  anywhere
3    ACCEPT  all   --   anywhere  anywhere
4    ACCEPT  udp   --   anywhere  anywhere     udp spt:ntp
5    ACCEPT  tcp   --   anywhere  anywhere     state NEW tcp dpt:ssh
Save the rules and reapply them with: sudo netfilter-persistent save and sudo netfilter-persistent reload
Now you can control all incoming connections via VCN security lists and/or NSGs (network security groups).
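
Deleting by a hard-coded line number removes whatever rule happens to sit at that position, so it helps to confirm the number first and to verify the resulting state afterwards. The following is an added example, not part of the original page: two helpers (the names catch_all_rule_num and input_chain_is_open are made up here) that only parse the listing text, run against the two listings shown above.

```shell
#!/bin/sh
# Added example. Both helpers parse the text of
# `iptables -L INPUT --line-numbers`; they never modify the firewall.
# Limitation: without -v the listing hides interface matches, so a rule that
# prints as "all -- anywhere anywhere" may be narrower than it looks.

# Print the number of the first catch-all REJECT/DROP rule read from stdin.
catch_all_rule_num() {
    awk '$1 ~ /^[0-9]+$/ && ($2 == "REJECT" || $2 == "DROP") && $3 == "all" &&
         ($5 == "anywhere" || $5 == "0.0.0.0/0") &&
         ($6 == "anywhere" || $6 == "0.0.0.0/0") { print $1; exit }'
}

# Succeed when the listing in $1 shows policy ACCEPT and no catch-all
# REJECT/DROP, i.e. the host firewall no longer filters inbound traffic.
input_chain_is_open() {
    policy=$(printf '%s\n' "$1" |
        sed -n 's/^Chain INPUT (policy \([A-Z]*\).*/\1/p')
    [ "$policy" = "ACCEPT" ] &&
        [ -z "$(printf '%s\n' "$1" | catch_all_rule_num)" ]
}

# Sample listing copied from the output above; AFTER drops rule 6 from it.
BEFORE='Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
2 ACCEPT icmp -- anywhere anywhere
3 ACCEPT all -- anywhere anywhere
4 ACCEPT udp -- anywhere anywhere udp spt:ntp
5 ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
6 REJECT all -- anywhere anywhere reject-with icmp-host-prohibited'
AFTER=$(printf '%s\n' "$BEFORE" | grep -v '^6 ')

for name in BEFORE AFTER; do
    eval "listing=\$$name"
    if input_chain_is_open "$listing"; then
        echo "$name: INPUT is open; filtering relies on VCN security lists/NSGs"
    else
        n=$(printf '%s\n' "$listing" | catch_all_rule_num)
        echo "$name: catch-all rule at line ${n:-none}"
    fi
done
```

On a live host, pipe sudo iptables -L INPUT --line-numbers into catch_all_rule_num and check that it prints the number you are about to pass to sudo iptables -D INPUT.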