Something is blocking my server from connecting to the outside world after I set up my security group


I have set up a security group for my server to block all incoming connections except for some:

TCP inbound ports: 80, 443, 587, 993, 22 permit
TCP inbound ports: ALL drop
TCP outbound ports: ALL permit

After restarting, I can access my server without a problem but my server cannot access any remote location. If I go to my server and type wget I will get connection timed out. If I do apt-get update, it can’t fetch anything.

UPDATE: I just tested my server, and pinging a remote location works. So the problem persists in the TCP/IP stack, in my opinion. I am using an Ubuntu image with Docker, which has a very weird networking service (there is no network manager or anything), so I don’t know if it is my server or the security group blocking it.


Disable the group and find out.


Disabling the group works but I do not want to disable the group. How can I get it working? Can someone here show me a way to get the security group working? I want to drop all packets except for ports 80, 443, 587, 993, and 22. How can I do that?


If the group doesn’t work then stop using it. Linux comes with a perfectly good firewall.

At a random guess, your drop all rule could be dropping all. Placing that before the permit rule might make a difference.
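
One explanation consistent with the symptoms in this thread (wget times out, ping works), given here as an added example that is not from any poster: if the group filters statelessly, the inbound "ALL drop" rule also discards replies to connections the server itself opened, because those replies arrive on an ephemeral port. The Python model below is a constructed illustration; the stateless behaviour, the `Packet` fields and the sample ports 51514 and 40022 are assumptions.

```python
# Added example: a model of the three rules from the question, not a real firewall API.
from collections import namedtuple

Packet = namedtuple("Packet", "proto direction src_port dst_port")
ALLOWED_IN = {80, 443, 587, 993, 22}  # inbound TCP ports permitted in the question


def stateless_verdict(pkt):
    """Evaluate the question's rules with no connection tracking."""
    if pkt.proto != "tcp":
        return "permit"  # assumption: the rules only cover TCP, so ICMP passes
    if pkt.direction == "out":
        return "permit"  # TCP outbound: ALL permit
    if pkt.dst_port in ALLOWED_IN:
        return "permit"  # TCP inbound: listed ports permit
    return "drop"        # TCP inbound: ALL drop


class StatefulFilter:
    """Same rules, plus a table of flows the server itself opened."""
    def __init__(self):
        self.flows = set()  # (local_port, remote_port) of outbound connections

    def verdict(self, pkt):
        if pkt.proto == "tcp" and pkt.direction == "out":
            self.flows.add((pkt.src_port, pkt.dst_port))
        elif pkt.proto == "tcp" and (pkt.dst_port, pkt.src_port) in self.flows:
            return "permit"  # reply to a connection the server opened
        return stateless_verdict(pkt)


# Constructed packets: wget connects from ephemeral port 51514 to remote port 80.
SYN = Packet("tcp", "out", 51514, 80)
SYN_ACK = Packet("tcp", "in", 80, 51514)   # the remote server's reply
SSH_IN = Packet("tcp", "in", 40022, 22)    # a client connecting to the server
PING_REPLY = Packet("icmp", "in", None, None)


def run():
    fw = StatefulFilter()
    fw.verdict(SYN)  # record the outbound flow before the reply arrives
    return {
        "stateless_syn": stateless_verdict(SYN),
        "stateless_reply": stateless_verdict(SYN_ACK),
        "stateless_ssh": stateless_verdict(SSH_IN),
        "stateless_ping": stateless_verdict(PING_REPLY),
        "stateful_reply": fw.verdict(SYN_ACK),
    }
```

In the stateless case the outbound SYN leaves but its reply is dropped, which matches a timeout; inbound SSH and ping replies still pass. With flow tracking, the same reply is permitted while unsolicited inbound traffic to unlisted ports is still dropped.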