Question

How can I actually check whether I'm being blocked by a firewall between my Linux machine and a target host? In case the firewall is blocking the connection how to do I unblock it?

Is it possible to allow and deny connections from IPs in Firewall? Or is it just the IP Tables?

Answer 1

Firewalls(most of them) can either Reject or Deny/Drop the traffic.  Reject action sends an ICMP Port/Destination Unreachable response back to the source while Drop/Deny action sends nothing back and will silently drop the connection. Which means the firewall is blocking the traffic.

Use the following syntax you can unblock an IP (the -d options deletes the rule from table):
# iptables -D INPUT -s xx.xxx.xx.xx -j DROP
# iptables -D INPUT -s 65.55.44.100 -j DROP
# service iptables save

To unblock or enable SSH access, go to the remote server and run the following command:

1. Using IPtables Firewall

   # iptables -I INPUT -s 192.168.1.100/24 -p tcp --dport ssh -j ACCEPT            

2. Using FirewallD

   firewall-cmd --direct --add-rule ipv4 filter INPUT 1 -m tcp --source 192.168.1.100 -p tcp --dport 22 -j ACCEPT

To unblock ftp access

1. ​iptables -I INPUT -s 192.168.1.100 -p tcp --dport 20,21 -j ACCEPT   or

2. firewall-cmd --direct --add-rule ipv4 filter INPUT 1 -m tcp --source 192.168.1.100 -p tcp --dport 20,21 -j ACCEPT

Try it out!

Hope this helps you!

To learn more about Linux, it's recommended to join Linux course online today.

Thanks.