-1

To understand better, please look at this short video

I cannot solve a problem about the dialogue between iptables and the security group of EC2

The only way to connect to the server using my elastic public IP 35.156.xx.xx:27015 seems to be to set this rule on EC2:

Custom UDP Rule UDP 27015 0.0.0.0/0

But this is not enough, because I have to use this command from the terminal to unlock the connection:

iptables -F

In one picture I set this configuration: http://i.imgur.com/X12Iq9X.png

But what is the sense of clearing all rules temporarily? Why flush all chains? Is it not dangerous?

These rules from the terminal have no effect:

iptables -A INPUT -p udp --dport 27015 -j ACCEPT
iptables -P OUTPUT -p udp --dport 27015 -j ACCEPT
iptables -A INPUT -p tcp --dport 27015 -j ACCEPT

My relevant data is this. I copied it to pastebin because it is a little too long. Link: http://pastebin.com/bmxcF2kV

lab teh
  • Your question makes little to no sense to me, given I'm not watching a video to help you. Take a step back, describe the big picture in a way someone other than you can understand it. IPTables and your security groups are independent and do not interact. – Tim Mar 09 '17 at 03:50
  • Look at this: http://i.imgur.com/X12Iq9X.png – lab teh Mar 09 '17 at 04:54
  • My problem is simple: to connect to the server I have to use `iptables -F`, but I don't understand why I need to clear all firewall rules to do this – lab teh Mar 09 '17 at 05:00
  • Solved, thanks - the problem was a wrong letter, I used `-A` instead of `-I`. No Amazon problem, I ask mercy – lab teh Mar 09 '17 at 05:28
  • @labteh not a wrong letter, in fact `iptables -A` appends rules **at the end of the ruleset** whereas `iptables -I` inserts the rule **at a specific position** in the ruleset. That's why your ruleset wasn't filled with desired configuration. Wish you good luck. –  Mar 09 '17 at 05:36
  • @Farax I see now, thanks - wrong order of rules - ok – lab teh Mar 09 '17 at 08:09

1 Answer

0

You can try insert instead of append in the iptables rule to allow the specific port.

iptables -I INPUT -p udp --dport 27015 -j ACCEPT

Also, don't forget to save iptables after applying this rule.

/sbin/service iptables save

Vaibhav Panmand
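The rule-ordering effect discussed in the comments and the answer, as an added example that is not part of the original thread: a small first-match evaluator over `iptables -S` text, run against the chain as it would look after `-A`, after `-I` and after `-F`. The sample chain, the ACCEPT policy and the names `first_match`, `base_rules`, `GAME`, `appended`, `inserted` and `flushed` are assumptions constructed for illustration; the asker's real ruleset is only on pastebin and is not reproduced here.

```shell
#!/bin/sh
# first_match CHAIN PROTO DPORT: reads `iptables -S` text on stdin and prints
# "<rule number> <target>" for the first rule that decides the packet, or
# "policy <target>" when no rule matches. Simplified on purpose (assumption):
# only -p, --dport and -j are understood; a rule with any other match
# (-i, -s, -m state ...) is treated as not matching a new inbound packet.
first_match() {
    awk -v chain="$1" -v proto="$2" -v dport="$3" '
    $1 == "-P" && $2 == chain { policy = $3 }
    $1 == "-A" && $2 == chain {
        n++; p = ""; d = ""; t = ""; other = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") p = $(++i)
            else if ($i == "--dport") d = $(++i)
            else if ($i == "-j") { t = $(++i); break }
            else if ($i == "-m" && ($(i+1) == "udp" || $(i+1) == "tcp")) i++
            else other = 1
        }
        if (other || (p != "" && p != proto) || (d != "" && d != dport)) next
        if (!found) { found = 1; print n, t }
    }
    END { if (!found) print "policy", policy }'
}

# Constructed sample chain (not the asker's ruleset, which is not on the page):
# a typical default-style INPUT chain that ends in a catch-all REJECT.
base_rules() {
    cat <<'EOF'
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}
GAME='-A INPUT -p udp -m udp --dport 27015 -j ACCEPT'

appended() { printf '%s\n' '-P INPUT ACCEPT'; base_rules; printf '%s\n' "$GAME"; }  # iptables -A
inserted() { printf '%s\n' '-P INPUT ACCEPT' "$GAME"; base_rules; }                 # iptables -I
flushed()  { printf '%s\n' '-P INPUT ACCEPT'; }                                     # iptables -F

echo "after -A: $(appended | first_match INPUT udp 27015)"
echo "after -I: $(inserted | first_match INPUT udp 27015)"
echo "after -F: $(flushed  | first_match INPUT udp 27015)"
```

In the constructed chain the appended rule sits behind the catch-all REJECT and is never reached, the inserted rule decides first, and after a flush only the chain policy is left to decide every packet. On a live host the same function can be fed with `iptables -S INPUT | first_match INPUT udp 27015`.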