22/tcp filtered ssh

donvito7 · January 30, 2019, 11:41am

I dont have any firewall but port is blocked. What is blocking it?

hcvv · January 30, 2019, 12:03pm

Not much information here!

To prove that a port is blocked, you first have to prove that some process is listening on that port. As root:

netstat -tlpn | grep 22

knurpht · January 30, 2019, 12:11pm

Even thenm check YaST - Security - Firewall. If the port is blocked, it can only be the firewall. OTOH, check whether the sshd service is running.

donvito7 · January 30, 2019, 12:16pm

ThePC:~ # netstat -tlpn | grep 22
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2223/master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 14240/sshd
tcp6 0 0 ::1:25 :::* LISTEN 2223/master
tcp6 0 0 :::22 :::* LISTEN 14240/sshd

I can do ssh internally.

hcvv · January 30, 2019, 1:04pm

It looks that sshd is listening on port 22 through IPv6.
Are you sure the client is trying to contact using IPv6 also?

And please:

There is an important, but not easy to find feature on the forums.

Please in the future use CODE tags around copied/pasted computer text in a post. It is the # button in the tool bar of the post editor. When applicable copy/paste complete, that is including the prompt, the command, the output and the next prompt.

nrickert · January 30, 2019, 2:05pm

It is listening with both IPv6 and IPv4, but it would be easier to see that with a CODE block.

We don’t know what the OP is attempting that is failing.

hcvv · January 30, 2019, 2:26pm

You are correct, it is there. I always get a headache when no CODE block.

And indeed, I already tried to hint to the OP that there is not much information in his first post.

eng-int · January 30, 2019, 4:47pm

Can you check that please with ‘systemctl status’ ?

E.g.

sysman@ns3:~> systemctl status SuSEfirewall2
● SuSEfirewall2.service - SuSEfirewall2 phase 2
   Loaded: loaded (/usr/lib/systemd/system/SuSEfirewall2.service; disabled; >
   Active: inactive (dead)
sysman@ns3:~> systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendo>
   Active: active (running) since Thu 2019-01-17 11:23:34 GMT; 1 weeks 6 day>
     Docs: man:firewalld(1)
 Main PID: 1002 (firewalld)
    Tasks: 2 (limit: 4915)
   CGroup: /system.slice/firewalld.service
           └─1002 /usr/bin/python3 -Es /usr/sbin/firewalld --nofork --nopid
sysman@ns3:~>

I can do ssh internally.

Do you mean within the host (your computer) or from another machine on your LAN (local network)? If the latter, do you have a firewall on your gateway’router or upstream? Where did the “filtered” message come from?