this is my first post, and I am a newbie of SuiteCRM. I’ve just installed it and I’m making the first configurations.
I’ve installed suiteCRM by VMWare image. I note that the OS installed is a Debian:
Linux ucs-2933 4.9.0-14-amd64 #1 SMP Debian 4.9.246-2 (2020-12-17) x86_64 GNU/Linux.
I’m surprised that default ssh is reachable by any IP, without any drop rule.
Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:http **ACCEPT tcp -- anywhere anywhere tcp dpt:ssh**
I would like to grant access via ssh, just to one trusted IP.
But, also intervening by means of the usual commands (iptables-persistent), iptables configuration is lost at any reboot. It seems that something is overwriting by SuiteCRM.
Looking for a possible cause, I’ve found the following file
in which all the suitecrm default rules are set. These settings are not acceptable to me.
In the following an excerpt of such .sh file.
iptables --wait -A INPUT -p "tcp" --dport 22 -j ACCEPT ip6tables --wait -A INPUT -p "tcp" --dport 22 -j ACCEPT
How can overwrite such rules, any attempt, as said, was unsuccessful. Why I cannot act directly by iptables, how can resolve such problem.
Thanks a lot to all of you.