How to configure iptables on RancherOS

How to configure firewall rules using iptables on RancherOS


  • A RancherOS v1.5.x host


The runcmd option in cloud-config can be used to run commands, such as iptables commands that set firewall rules, on a RancherOS host. For example, the following can be used to disable SSH access on port 22.

runcmd:
- "iptables -A INPUT -p tcp --destination-port 22 -j DROP"

The above snippet can be placed in /var/lib/rancher/conf/cloud-config.d/xxx.yaml, or added to the initial config while installing RancherOS. It will be executed every time RancherOS is booted.

You can use the following iptables command to view the status of the rules:

$ iptables -t filter -nv -L INPUT
Chain INPUT (policy ACCEPT 321 packets, 41200 bytes)
 pkts bytes target     prot opt in     out     source               destination
    9     523 DROP       tcp  --  *      *              tcp dpt:22
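
Because -A appends the rule to the end of INPUT and iptables stops at the first matching rule, an ACCEPT for port 22 that sits earlier in the chain would still admit SSH. The check below is an added example, not part of the original article: the function name ssh_drop_status and the sample rule sets are constructed for illustration, and it only recognises plain `--dport 22` rules and an unconditional ACCEPT (not multiport or port-range matches).

```shell
#!/bin/sh
# Classify how the INPUT chain treats TCP port 22, given `iptables -S INPUT`
# output on stdin. Prints one of:
#   effective - the first rule that decides port 22 is the DROP
#   shadowed  - an ACCEPT (for port 22, or unconditional) is evaluated first
#   missing   - no DROP rule for port 22 was found
ssh_drop_status() {
    status=missing
    while IFS= read -r rule; do
        case "$rule" in
            "-A INPUT -j ACCEPT")
                # Unconditional ACCEPT: rules after it are never reached.
                status=shadowed; break ;;
            "-A INPUT "*"-p tcp "*"--dport 22 "*"-j ACCEPT"*)
                # Some or all SSH traffic is accepted before any DROP.
                status=shadowed; break ;;
            "-A INPUT "*"-p tcp "*"--dport 22 "*"-j DROP"*)
                status=effective; break ;;
        esac
    done
    printf '%s\n' "$status"
}

# Constructed sample rule sets in `iptables -S` format (not from a real host).
# iptables prints --destination-port as "-m tcp --dport".
SAMPLE_APPENDED='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j DROP'

SAMPLE_SHADOWED='-P INPUT ACCEPT
-A INPUT -s 10.0.0.0/8 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j DROP'

# Demo on the constructed input; on a host, run instead:
#   iptables -S INPUT | ssh_drop_status
printf '%s\n' "$SAMPLE_APPENDED" | ssh_drop_status
printf '%s\n' "$SAMPLE_SHADOWED" | ssh_drop_status
```

A result of shadowed means the earlier ACCEPT needs to be reviewed, or the DROP inserted ahead of it with -I instead of appended with -A.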

Further reading

More information on running commands on boot can be found here.

