Linux Firewall
Note: A firewall isn't the only thing preventing a connection. For example, for an ssh connection to a Linux VirtualBox virtual machine...
You need openssh-server installed and the sshd daemon running
You need to configure VirtualBox to use a Bridged Network Adapter (instead of the default NAT)
You need port 22/tcp open through the firewall
Identify Firewall
You are likely using ufw or firewalld. Try these commands...
systemctl status firewalld
systemctl status ufw
firewalld
Check
firewall-cmd --version                               # Which version of firewalld is installed?
firewall-cmd --state                                 # Is it running?
firewall-cmd --zone=public --list-ports              # Which ports are open now?
firewall-cmd --permanent --zone=public --list-ports  # Which ports will be open after reboot?
firewall-cmd --list-all-zones
firewall-cmd --get-active-zones
firewall-cmd --get-default-zone
firewall-cmd --get-services
firewall-cmd --get-services --permanent
firewall-cmd --runtime-to-permanent                  # Overwrite permanent config with active runtime config
Adding Ports
firewall-cmd --permanent --zone=public --list-ports
If you want to be able to connect via ssh you should see this in the output to the above command...
22/tcp
If you don't see it, do this to add it...
firewall-cmd --zone=public --add-port=22/tcp
If you want the change to still be there after a reboot...
firewall-cmd --permanent --zone=public --add-port=22/tcp
For Oracle database access
For Oracle database access you will need commands similar to this...
firewall-cmd --zone=public --add-port=1521/tcp # Assumes listener is running on port 1521
firewall-cmd --zone=public --permanent --add-port=1521/tcp # Assumes listener is running on port 1521
For MySQL database access
firewall-cmd --zone=public --add-port=3306/tcp # Assumes MySQL is running on port 3306
firewall-cmd --zone=public --permanent --add-port=3306/tcp # Assumes MySQL is running on port 3306
firewall-cmd --zone=public --add-port=3306/tcp --permanent   # To enable default MySQL Port
firewall-cmd --zone=public --add-port=33060/tcp --permanent  # To enable default X-Protocol (object store) Port
firewall-cmd --zone=public --add-port=33061/tcp --permanent  # To enable group replication (InnoDB cluster) Port
firewall-cmd --reload                                        # Make the permanent changes active now (without restart)
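Because firewalld keeps separate runtime and permanent configurations, a port can be open now yet vanish at the next reboot, or be saved yet not active. The following is an added example, not part of the original page, that compares the two --list-ports outputs; the function names and the sample port lists are constructed for illustration.

```bash
#!/bin/sh
# Added example (not from the original page): find ports that differ between
# firewalld's runtime and permanent configuration for one zone.

# ports_only_in A B: print the "port/proto" tokens of list A missing from B.
# Both lists use the space-separated format printed by --list-ports.
ports_only_in() (
    out=""
    b=" $(printf '%s ' $2)"              # normalise to " p1 p2 " for exact matching
    for p in $1; do
        case "$b" in
            *" $p "*) ;;                 # present in both lists
            *) out="${out:+$out }$p" ;;  # only in the first list
        esac
    done
    printf '%s\n' "$out"
)

# drift_report RUNTIME PERMANENT: describe the drift; exit status 1 if any.
drift_report() (
    lost=$(ports_only_in "$1" "$2")      # open now, closed after reload/reboot
    pending=$(ports_only_in "$2" "$1")   # saved, inactive until --reload
    [ -n "$lost" ] && echo "runtime only (gone after reboot): $lost"
    [ -n "$pending" ] && echo "permanent only (needs --reload): $pending"
    [ -z "$lost$pending" ]
)

# check_zone [ZONE]: live check; needs firewalld running and root privileges.
check_zone() {
    drift_report "$(firewall-cmd --zone="${1:-public}" --list-ports)" \
                 "$(firewall-cmd --permanent --zone="${1:-public}" --list-ports)"
}

# Constructed sample: 3306/tcp was added without --permanent, and 1521/tcp was
# added with --permanent but no --reload has been run yet.
drift_report "22/tcp 3306/tcp" "22/tcp 1521/tcp" || true
```

On a host running firewalld, call check_zone public as root to run the same comparison against the live configuration.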
UFW
Check
sudo ufw status
Enable
If status shows as "inactive" you can enable the firewall using the command below...
Until you enable the firewall no connections will be allowed; even if you have entered the commands to allow them.
sudo ufw enable
Once enabled the firewall should remain enabled even across restarts
Adding Ports
sudo ufw allow ssh
sudo ufw allow 22/tcp
sudo ufw allow from 9.9.9.9 to any port 22 # Where 9.9.9.9 is a valid IP Address
sudo ufw allow from 9.9.9.9/9 to any port 22 # Where 9.9.9.9/9 is a valid CIDR block
CIDR
Limiting Ports
Deny connections from an IP address that has attempted to initiate 6 or more connections...
sudo ufw limit ssh
sudo ufw limit 22/tcp
Removing Rules
sudo ufw status numbered
sudo ufw delete 1
VirtualBox
Open VirtualBox Manager, select your target VM, open up the Settings → Network and select "Bridge Networking" instead of "NAT".
Even if you have opened Firewall ports, if you have not made this change you will not be able to connect to your virtual host from any other host on your network.