dervu
just joined
Topic Author
Posts: 8
Joined: Fri May 31, 2019 3:35 pm

SSH connections

Sun Jul 14, 2019 3:12 pm

I have IP firewall rules like this and can't connect to services like gitlab, github, bitbucket, or any other host, via ssh.
My DNS servers are 1.1.1.1 and 1.0.0.1, if that has anything to do with it.
The first router is bridged and I use VLAN tagging over WAN to get my internet.
I can't get ssh working through this router; it works through my phone (LTE).
I tried adding rules for port 22 and saw a couple of packets going through, but it still does not work.

 0  D ;;; special dummy rule to show fasttrack counters
      chain=forward action=passthrough

 1    ;;; defconf: accept established,related,untracked
      chain=input action=accept connection-state=established,related,untracked

 2    ;;; defconf: drop invalid
      chain=input action=drop connection-state=invalid

 3    ;;; defconf: accept ICMP
      chain=input action=accept protocol=icmp

 4    ;;; defconf: drop all not coming from LAN
      chain=input action=drop in-interface-list=!LAN

 5    ;;; defconf: accept in ipsec policy
      chain=forward action=accept ipsec-policy=in,ipsec

 6    ;;; defconf: accept out ipsec policy
      chain=forward action=accept ipsec-policy=out,ipsec

 7    ;;; defconf: fasttrack
      chain=forward action=fasttrack-connection connection-state=established,related log=no log-prefix=""

 8    ;;; defconf: accept established,related, untracked
      chain=forward action=accept connection-state=established,related,untracked

 9    ;;; defconf: drop invalid
      chain=forward action=drop connection-state=invalid

10    ;;; defconf: drop all from WAN not DSTNATed
      chain=forward action=drop connection-state=new connection-nat-state=!dstnat in-interface-list=WAN
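
Added example, not part of the original post: a simplified first-match walk of the forward-chain rules listed above for an outbound SSH connection from a LAN host. It models only the matchers that appear in the listing, assumes RouterOS's default of accepting a packet that no rule matches, and uses constructed packet attributes.

```python
# Added example: simplified first-match walk of the forward chain posted above.
# Only the matchers in that listing are modelled; packets are constructed.
FORWARD = [  # (rule number, action, matchers) copied from the post
    (0, "passthrough", {}),
    (5, "accept", {"ipsec-policy": "in,ipsec"}),
    (6, "accept", {"ipsec-policy": "out,ipsec"}),
    (7, "fasttrack-connection", {"connection-state": "established,related"}),
    (8, "accept", {"connection-state": "established,related,untracked"}),
    (9, "drop", {"connection-state": "invalid"}),
    (10, "drop", {"connection-state": "new",
                  "connection-nat-state": "!dstnat",
                  "in-interface-list": "WAN"}),
]
NON_TERMINAL = {"passthrough", "fasttrack-connection"}  # evaluation continues


def matches(matchers, packet):
    """True when every matcher agrees with the packet's attributes."""
    for key, spec in matchers.items():
        negate = spec.startswith("!")
        body = spec.lstrip("!")
        # ipsec-policy is a direction,policy pair, not a list of alternatives
        wanted = {body} if key == "ipsec-policy" else set(body.split(","))
        hit = packet.get(key, "none") in wanted  # unset attribute -> "none"
        if hit == negate:
            return False
    return True


def verdict(packet):
    """Return (action, rule number); rule number is None for the default."""
    for number, action, matchers in FORWARD:
        if matches(matchers, packet) and action not in NON_TERMINAL:
            return action, number
    return "accept", None  # assumption: RouterOS accepts when no rule matches


# Constructed packets for an outbound SSH session from a LAN host.
syn_out = {"connection-state": "new", "in-interface-list": "LAN"}
reply_in = {"connection-state": "established", "in-interface-list": "WAN"}
unsolicited = {"connection-state": "new", "in-interface-list": "WAN"}

if __name__ == "__main__":
    for name, pkt in [("LAN->WAN SYN to port 22", syn_out),
                      ("WAN->LAN reply", reply_in),
                      ("unsolicited WAN->LAN", unsolicited)]:
        print(name, verdict(pkt))
```

None of the listed forward rules matches on protocol or destination port, so in this model port 22 is handled like any other outbound connection.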
 
dervu
just joined
Topic Author
Posts: 8
Joined: Fri May 31, 2019 3:35 pm

Re: SSH connections

Sun Jul 14, 2019 3:39 pm

Another thing is that tcptraceroute github.com 22 shows the output below.
So it looks like an ISP thing?

Selected device enp27s0, address 192.168.88.2, port 39163 for outgoing packets
Tracing the path to github.com (140.82.118.3) on TCP port 22 (ssh), 30 hops max
1 192.168.88.1 0.183 ms 0.191 ms 0.143 ms (Mikrotik)
2 (next router in ISP network here, outside of my home) 1.632 ms 2.024 ms 1.935 ms
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 *^C
