Firewall – control SSH and VNC access to PGJTT server

Having ports 22 (SSH) and 5901 (VNC) open to the world will attract a lot of unwanted login attempts. This can interfere with normal operation, especially for VNC, which can be inaccessible for a time if many attempts happen quickly. This firewall lets you manage who has access, and will gracefully drop attempts by all others.

Once built, use this firewall to protect all your PGJTT Linode servers – the last step (adding a server to the firewall) is all that’s needed to add new servers as you create them.

Update the firewall rules if people’s IP addresses change.

The 90 second video

Steps:

Go to the Linode/Firewalls menu, click “Create Firewall,” give the firewall a label and (optionally) choose a Linode that will be protected by this new firewall.

Create the rule to allow access

Firewall rules are processed from top to bottom. Rules to admit people are added first.

These are followed by the last rule, which blocks everybody else from access to ports 22 and 5901.

This is what the finished firewall looks like. Set the default action for all other ports (like Jacktrip, OBS, Web) to “Accept” and save the changes to complete the firewall configuration. Rules can be edited later if a person’s IP address changes.

Add a Linode Server To The Firewall

If you haven’t already selected a Linode to be protected by the firewall, do that now.
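
The rule order described in the steps above, written out as an added example (not part of the original page): it builds a rule set in the JSON shape the Linode API uses for Cloud Firewall rules and replays the top-to-bottom evaluation locally, so an allowlist can be checked before it is saved. The labels, addresses and port 4464 are constructed sample values, and first-match evaluation is assumed from the page's description of rule processing.

```python
import ipaddress
import json

PROTECTED_PORTS = "22,5901"  # SSH and VNC, the two ports this page restricts

def build_rules(allowed):
    """allowed: {label: IPv4 CIDR}. Allow rules first, one drop rule last."""
    inbound = []
    for label, cidr in allowed.items():
        ipaddress.ip_network(cidr)  # raises ValueError on a malformed CIDR
        inbound.append({"label": f"allow-{label}", "action": "ACCEPT",
                        "protocol": "TCP", "ports": PROTECTED_PORTS,
                        "addresses": {"ipv4": [cidr]}})
    # Last rule: everybody else is dropped on ports 22 and 5901.
    inbound.append({"label": "drop-ssh-vnc", "action": "DROP",
                    "protocol": "TCP", "ports": PROTECTED_PORTS,
                    "addresses": {"ipv4": ["0.0.0.0/0"], "ipv6": ["::/0"]}})
    # Default action "Accept" leaves all other ports reachable.
    return {"inbound": inbound, "inbound_policy": "ACCEPT",
            "outbound": [], "outbound_policy": "ACCEPT"}

def decide(rules, src_ip, port):
    """Walk the inbound rules top to bottom; the first match decides,
    otherwise the default inbound policy applies (assumed semantics).
    Only comma-separated port lists are handled, as built above."""
    src = ipaddress.ip_address(src_ip)
    family = "ipv4" if src.version == 4 else "ipv6"
    for rule in rules["inbound"]:
        ports = {int(p) for p in rule["ports"].split(",")}
        nets = rule["addresses"].get(family, [])
        if port in ports and any(src in ipaddress.ip_network(n) for n in nets):
            return rule["action"]
    return rules["inbound_policy"]

# Constructed sample allowlist using documentation address ranges.
RULES = build_rules({"alice": "203.0.113.10/32", "studio": "198.51.100.0/24"})

if __name__ == "__main__":
    print(json.dumps(RULES, indent=2))
    for ip, port in [("203.0.113.10", 22), ("192.0.2.77", 5901),
                     ("192.0.2.77", 4464)]:  # 4464: sample non-protected port
        print(ip, port, decide(RULES, ip, port))
```

When a person's IP address changes, edit the allowlist and re-run the check; the drop rule stays last because `build_rules` always appends it after the allow rules.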