Oracle Cloud Firewall How To.
(Dumped here from the Pastebin in case it gets removed)
Inside the WebAdmin App:
- Hamburger Menu > Pinned Links > Compute / Instances
- Click on your instance name
- Under Primary VNIC
- Click on the Subnet: link
- Under Security Lists
- Click on "Default Security List for <subnet name>"
- Under Ingress Rules
- Click Add Ingress Rules
For each Rule:
- Source CIDR: 0.0.0.0/0
- IP Protocol: TCP
- Destination Port Range: 6667
- Click "Add Ingress Rules"
- and click Add Ingress Rules again...
- Fill in the fields as before but for the following destination port ranges each time: 6697, 6900
- Repeat the above but with ::/0 for Source CIDR for IPv6
It should look similar to this when done: https://i.imgur.com/SzPFQha.png
- You may need to click "Egress Rules" under "Resources" in the sidebar
- and add two Egress Rules.
- One for Destination CIDR: 0.0.0.0/0
- And one for Destination CIDR: ::/0
It should look like this when done: https://i.imgur.com/oFjS0E1.png
If you installed the Oracle distro:
- sudo firewall-cmd --zone=public --permanent --add-port=6667/tcp
- sudo firewall-cmd --zone=public --permanent --add-port=6697/tcp
- sudo firewall-cmd --zone=public --permanent --add-port=6900/tcp
- sudo firewall-cmd --reload
Further Firewall opening:
- Inside the SSH Prompt for Ubuntu servers:
- iptables firewall unlocking (you may need to do this more than once, like after a server reboot)
- sudo nano /etc/iptables/rules.v4
- Remove these two lines
- -A INPUT -j REJECT --reject-with icmp-host-prohibited
- -A FORWARD -j REJECT --reject-with icmp-host-prohibited
- Save.
Then:
- sudo iptables -L INPUT
- If this still shows:
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Do this:
- sudo iptables -D INPUT -j REJECT --reject-with icmp-host-prohibited
That SHOULD do it at least for IPv4.
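
A narrower variant of the rules.v4 edit above, as an added example that is not part of the original paste: it keeps the INPUT REJECT line and places ACCEPT rules for the three TCP ports from this page ahead of it. The function name add_port_rules, the sample file and the exact form of the ACCEPT rule are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the original paste). Prints a copy of an
# iptables-save style rules file with ACCEPT rules for the given TCP ports
# placed just before the catch-all INPUT REJECT line, which stays in place.
# Ports that already have an INPUT ACCEPT rule are skipped.
add_port_rules() {
    rules_file=$1; shift
    awk -v ports="$*" '
        BEGIN { n = split(ports, want, " ") }
        # First pass: remember which ports already have an INPUT ACCEPT rule.
        NR == FNR {
            if ($0 ~ /^-A INPUT / && $0 ~ / -j ACCEPT$/)
                for (i = 1; i <= n; i++)
                    if ($0 ~ ("--dport " want[i] " ")) have[want[i]] = 1
            next
        }
        # Second pass: emit the missing rules right before the REJECT line.
        /^-A INPUT -j REJECT --reject-with icmp-host-prohibited$/ {
            for (i = 1; i <= n; i++)
                if (!(want[i] in have))
                    print "-A INPUT -p tcp -m state --state NEW -m tcp --dport " want[i] " -j ACCEPT"
        }
        { print }
    ' "$rules_file" "$rules_file"
}

# Constructed sample in the style of /etc/iptables/rules.v4 (assumed layout;
# only the two REJECT lines are taken from the page).
sample=$(mktemp)
trap 'rm -f "$sample" "$sample.new"' EXIT
cat > "$sample" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
add_port_rules "$sample" 6667 6697 6900
```

To use it on a server, run it against /etc/iptables/rules.v4, write the output to a new file and check that file with `sudo iptables-restore --test` before putting it in place.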