(Created page with "Oracle Cloud Firewall How To. (Dumped here from the Pastebin in case it gets removed) Inside the WebAdmin App: Hamburger Menu > Pinned Links > Compute / Instances Click...") |
No edit summary |
||
| (One intermediate revision by the same user not shown) | |||
| Line 5: | Line 5: | ||
Inside the WebAdmin App: | Inside the WebAdmin App: | ||
Hamburger Menu > Pinned Links > Compute / Instances | * Hamburger Menu > Pinned Links > Compute / Instances | ||
Click on your instance name | * Click on your instance name | ||
Under Primary VINC | * Under Primary VINC | ||
Click on the Subnet: link | * Click on the Subnet: link | ||
Under Security Lists | * Under Security Lists | ||
Click on Default Security List for subnet name | * Click on Default Security List for subnet name | ||
Under Ingress Rules | * Under Ingress Rules | ||
Click Add Ingress Rules | * Click Add Ingress Rules | ||
For each Rule: | For each Rule: | ||
Source CIDR: 0.0.0.0/0 | * Source CIDR: 0.0.0.0/0 | ||
IP Protocol: TCP | * IP Protocol: TCP | ||
Destination Port Range: 6667 | * Destination Port Range: 6667 | ||
Click "Add Ingress Rules" | * Click "Add Ingress Rules" | ||
and click Add Ingress Rules again... | * and click Add Ingress Rules again... | ||
Fill in the fields as before but for the following destination port ranges each time: 6697, 6900 | * Fill in the fields as before but for the following destination port ranges each time: 6697, 6900 | ||
Repeat the above but with ::/0 for Source CIDR for IPv6 | * Repeat the above but with ::/0 for Source CIDR for IPv6 | ||
It should look similar to this when done: | It should look similar to this when done: https://i.imgur.com/SzPFQha.png | ||
* You may need to click under "Resources" in the sidebar and "Egress Rules" | |||
* and add two Egress Rules. | |||
* One for Destination CIDR: 0.0.0.0/0 | |||
* And one for Destination CIDR: ::/0 | |||
And one for Destination CIDR: ::/0 | |||
It should look like this when done: https://i.imgur.com/oFjS0E1.png | It should look like this when done: https://i.imgur.com/oFjS0E1.png | ||
Further Firewall opening for Ubuntu Servers: | |||
* Inside the SSH Prompt: | |||
* IP Tables Firewall unlocking (you may need to do this more than once, like after a server reboot) | |||
* sudo nano /etc/iptables/rules.v4 | |||
* Remove these two lines | |||
* -A INPUT -j REJECT --reject-with icmp-host-prohibited | |||
* -A FORWARD -j REJECT --reject-with icmp-host-prohibited | |||
* Save. | |||
Save. | |||
Then: | Then: | ||
sudo iptables -L INPUT | * sudo iptables -L INPUT | ||
If this still shows: | * If this still shows: | ||
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited | REJECT all -- anywhere anywhere reject-with icmp-host-prohibited | ||
| Line 87: | Line 75: | ||
Do this: | Do this: | ||
iptables -D INPUT -j REJECT --reject-with icmp-host-prohibited | * sudo iptables -D INPUT -j REJECT --reject-with icmp-host-prohibited | ||
'''If you installed the Oracle distro:''' | |||
* sudo firewall-cmd --zone=public --permanent --add-port=6667/tcp | |||
* sudo firewall-cmd --zone=public --permanent --add-port=6697/tcp | |||
* sudo firewall-cmd --zone=public --permanent --add-port=6900/tcp | |||
* sudo firewall-cmd --reload | |||
That SHOULD do it at least for IPv4. | That SHOULD do it at least for IPv4. | ||
Latest revision as of 07:12, 23 February 2023
Oracle Cloud Firewall How To.
(Dumped here from the Pastebin in case it gets removed)
Inside the WebAdmin App:
- Hamburger Menu > Pinned Links > Compute / Instances
- Click on your instance name
- Under Primary VINC
- Click on the Subnet: link
- Under Security Lists
- Click on Default Security List for subnet name
- Under Ingress Rules
- Click Add Ingress Rules
For each Rule:
- Source CIDR: 0.0.0.0/0
- IP Protocol: TCP
- Destination Port Range: 6667
- Click "Add Ingress Rules"
- and click Add Ingress Rules again...
- Fill in the fields as before but for the following destination port ranges each time: 6697, 6900
- Repeat the above but with ::/0 for Source CIDR for IPv6
It should look similar to this when done: https://i.imgur.com/SzPFQha.png
- You may need to click under "Resources" in the sidebar and "Egress Rules"
- and add two Egress Rules.
- One for Destination CIDR: 0.0.0.0/0
- And one for Destination CIDR: ::/0
It should look like this when done: https://i.imgur.com/oFjS0E1.png
Further Firewall opening for Ubuntu Servers:
- Inside the SSH Prompt:
- IP Tables Firewall unlocking (you may need to do this more than once, like after a server reboot)
- sudo nano /etc/iptables/rules.v4
- Remove these two lines
- -A INPUT -j REJECT --reject-with icmp-host-prohibited
- -A FORWARD -j REJECT --reject-with icmp-host-prohibited
- Save.
Then:
- sudo iptables -L INPUT
- If this still shows:
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Do this:
- sudo iptables -D INPUT -j REJECT --reject-with icmp-host-prohibited
If you installed the Oracle distro:
- sudo firewall-cmd --zone=public --permanent --add-port=6667/tcp
- sudo firewall-cmd --zone=public --permanent --add-port=6697/tcp
- sudo firewall-cmd --zone=public --permanent --add-port=6900/tcp
- sudo firewall-cmd --reload
That SHOULD do it at least for IPv4.