Does cloud firewall sources specific ip

Posted on September 21, 2020

Hi,

I have set up cloud firewall to “SSH Sources: my IP address”. I imagined it would only allow my IP to connect to SSH.

However, in my log I can see bots spamming my SSH port. Shouldn't other IPs be blocked?



Hi there @philippe15,

I’ve just tested this, and I can confirm that if configured correctly, the firewall will not allow any connections to your Droplet. All connections will be filtered on the firewall level and not reach your Droplet.

You need to make sure that your firewall is configured correctly in terms of rules and then assign your Droplet to the firewall.

For more information, you can take a look at the official documentation here:

https://www.digitalocean.com/docs/networking/firewalls/

Let me know if you have any questions. Regards, Bobby
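One way to check the symptom from the question against the answer above, as an added example that is not part of the original thread: parse sshd log lines and count peers outside the firewall's SSH sources. The function name, the sample lines and the addresses are constructed for illustration; entries from such peers dated after the firewall was applied point back to the rules or to the Droplet not being assigned to the firewall.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample sshd lines using documentation address ranges;
# not taken from the original post.
SAMPLE_LOG = """\
Sep 21 10:01:12 droplet sshd[1201]: Failed password for root from 198.51.100.23 port 51122 ssh2
Sep 21 10:01:15 droplet sshd[1203]: Invalid user admin from 198.51.100.23 port 51140
Sep 21 10:02:40 droplet sshd[1210]: Accepted publickey for deploy from 203.0.113.10 port 40022 ssh2
Sep 21 10:03:05 droplet sshd[1215]: Connection closed by 192.0.2.77 port 33010 [preauth]
Sep 21 10:03:09 droplet sshd[1216]: Failed password for invalid user test from 2001:db8::5 port 40100 ssh2
Sep 21 10:04:00 droplet sshd[1220]: Server listening on 0.0.0.0 port 22.
"""

# sshd reports the remote peer as "from <ip> port <n>" or "by <ip> port <n>".
PEER_RE = re.compile(r"sshd\[\d+\]: .*?\b(?:from|by) ([0-9A-Fa-f:.]+) port \d+")


def unexpected_sources(log_text, allowed_sources):
    """Count sshd entries whose peer is outside allowed_sources (IPs or CIDRs)."""
    nets = [ipaddress.ip_network(s, strict=False) for s in allowed_sources]
    hits = Counter()
    for line in log_text.splitlines():
        match = PEER_RE.search(line)
        if not match:
            continue  # line carries no remote peer (e.g. "Server listening on ...")
        try:
            peer = ipaddress.ip_address(match.group(1))
        except ValueError:
            continue  # token was not a valid address
        allowed = any(peer.version == n.version and peer in n for n in nets)
        if not allowed:
            hits[str(peer)] += 1
    return hits


if __name__ == "__main__":
    # Assumption: 203.0.113.10 stands in for the single IP set as the SSH source.
    for ip, count in unexpected_sources(SAMPLE_LOG, ["203.0.113.10"]).most_common():
        print(f"{ip}\t{count} entries from a source the firewall should have dropped")
```

To run it on a real Droplet, pass the contents of the sshd log (commonly /var/log/auth.log on Debian and Ubuntu) instead of the sample, and only count entries logged after the firewall was attached.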

Google Cloud doesn’t allow certain IP protocols, such as egress traffic on TCP port 25 within a VPC network. For more information, see always blocked traffic.

Certain GRE traffic (beta)
• Traffic in Cloud VPN tunnels
• Traffic on Cloud Interconnect attachments (VLANs)
• Traffic for forwarding rules (load balancing or protocol forwarding)

GRE is allowed within a VPC network.

Protocols other than TCP, UDP, ICMP, AH, ESP, SCTP, and GRE to external IP addresses of Google Cloud resources

The type of resource further limits the protocol. For example, Network TCP/UDP Load Balancing supports only TCP and UDP. Also, a forwarding rule for protocol forwarding only processes a single protocol. Refer to the protocol forwarding documentation for a list of supported protocols.

Egress traffic to TCP destination port 25 (SMTP)

Traffic from:
• instances to external IP addresses on the internet
• instances to external IP addresses of instances
