[Mashiro]

You didn't read what I have posted... Well.

Opening port 22 only and then setting your INPUT chain to DROP will NOT WORK! You need additional rules.

The order of how you execute the iptables rules also matters. You first opened port 22 and then said to DROP all traffic. The last rules in this case overrides all rules set before. So you get disconnected.

You need to use emergency SSH to setup the firewall properly. First setup the chains and to DROP then open ports as needed and setup further rules that allow automatic replies to connections you have initialized.

It is all described in the topic I linked in my previous post: https://post4vps.com/Thread-Basic-secure...h-iptables


Basically the script you need to run to do everything in a single run is:

Code: (Select All)

iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT

Run this from a emergency SSH session or emergency VNC - NOT FROM THE VPS DIRECTLY! After running it you can attempt to connect.