I have two servers, let's call them server1 and server2. I want to restrict them to only be able to communicate with each other via SSH.
I'm new to iptables, but I've written the following iptables rules on server1:
```
iptables -A INPUT -s server2 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -s server2 -j DROP
```
This has the intended effect of only allowing server2 to connect to server1 over SSH, but it also has the unintended effect of preventing server1 from connecting to server2 at all. When I also do the reverse on server2, neither server can talk to the other.
Am I missing something here? Or is there perhaps a better way to do this than iptables?
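A rule set that keeps the same restriction but lets the replies to server1's own connections through, as an added example written for this question rather than the poster's own rules. It assumes server2 sits at the placeholder address 192.0.2.20 and that the IPT variable may be set to echo to preview the rules without root.

```sh
#!/bin/sh
# Added example for server1. Assumptions: the peer address is passed as $1
# (placeholder 192.0.2.20 below); IPT=echo previews the rules without root.
IPT=${IPT:-iptables}

# Emit the rules restricting traffic with the peer at $1 to SSH only.
# The conntrack ACCEPT comes first in each chain: a trailing "-s peer -j DROP"
# on its own also discards the reply packets of connections this host opened,
# which is why the two-rule set in the question blocked server1 -> server2.
peer_ssh_only() {
    peer=$1
    # Inbound: replies to our own connections, then new SSH from the peer.
    $IPT -A INPUT -s "$peer" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A INPUT -s "$peer" -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
    $IPT -A INPUT -s "$peer" -j DROP
    # Outbound: replies to the peer's SSH sessions, then new SSH to the peer.
    $IPT -A OUTPUT -d "$peer" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A OUTPUT -d "$peer" -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
    $IPT -A OUTPUT -d "$peer" -j DROP
}

# Apply (or preview with IPT=echo) when a peer address is given, e.g.
#   IPT=echo sh server1-rules.sh 192.0.2.20
if [ $# -ge 1 ]; then
    peer_ssh_only "$1"
fi
```

Run the same script on server2 with server1's address to get the mirror rule set; with the state rules in place, each side still only accepts new SSH connections from the other.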