Something is blocking my server from connecting to the outside world after I set up my security group

#1

I have set up a security group for my server to block all incoming connections except for some:

TCP inbound 0.0.0.0/0 ports: 80, 443, 587, 993, 22 permit
TCP inbound 0.0.0.0/0 ports: ALL drop
TCP outbound 0.0.0.0/0 ports: ALL permit

After restarting, I can access my server without a problem but my server cannot access any remote location. If I go to my server and type wget google.com I will get connection timed out. If I do apt-get update, it can’t fetch anything.

UPDATE: I just tested my server. And pinging a remote location works. So the problem persists in the TCP/IP stack in my opinion. I am using an Ubuntu image with Docker which has a very weird networking service (there is no network manager or anything), so I don’t know if it is my server or the security group blocking it.

#2

Disable the group and find out.

#3

Disabling the group works but I do not want to disable the group. How can I get it working? Can someone here show me a way to get the security group working? I want to drop all packets except for ports 80, 443, 587, 993, and 22. How can I do that?

#4

If the group doesn’t work then stop using it. Linux comes with a perfectly good firewall.

At a random guess, your drop all rule could be dropping all. Placing that before the permit rule might make a difference.
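
Added example, not part of the thread: a small model of first-match filtering over the three rules from post #1. It assumes (the thread does not confirm this) that the security group is stateless and passes traffic no rule matches, such as ICMP; under that assumption the reply to an outbound connection arrives on an ephemeral port and hits the inbound drop-all rule, while a flow-tracking filter lets it through. All names, ports and packets are constructed for illustration.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "direction proto src_port dst_port")
Rule = namedtuple("Rule", "direction proto ports action")  # ports=None means ALL

# The rules from post #1, in the order given there.
RULES = [
    Rule("inbound", "tcp", {80, 443, 587, 993, 22}, "permit"),
    Rule("inbound", "tcp", None, "drop"),
    Rule("outbound", "tcp", None, "permit"),
]

def match(rules, pkt, default="permit"):
    """Return the action of the first rule matching pkt (by destination port)."""
    for r in rules:
        if (r.direction == pkt.direction and r.proto == pkt.proto
                and (r.ports is None or pkt.dst_port in r.ports)):
            return r.action
    return default  # assumption: unmatched traffic (e.g. ICMP) is allowed

def stateless(rules, pkt, _flows=None):
    """Every packet is judged on its own; replies get no special treatment."""
    return match(rules, pkt)

def stateful(rules, pkt, flows):
    """Permit replies to flows the server opened before consulting the rules."""
    if pkt.direction == "inbound" and (pkt.proto, pkt.dst_port, pkt.src_port) in flows:
        return "permit"
    action = match(rules, pkt)
    if pkt.direction == "outbound" and action == "permit":
        flows.add((pkt.proto, pkt.src_port, pkt.dst_port))  # remember the flow
    return action

def wget_roundtrip(filter_fn):
    """Verdicts for the outbound SYN and the returning SYN-ACK of one HTTP fetch."""
    flows = set()
    syn = Packet("outbound", "tcp", 45000, 80)     # server:45000 -> remote:80
    syn_ack = Packet("inbound", "tcp", 80, 45000)  # reply lands on ephemeral port
    return filter_fn(RULES, syn, flows), filter_fn(RULES, syn_ack, flows)

if __name__ == "__main__":
    print("stateless:", wget_roundtrip(stateless))
    print("stateful: ", wget_roundtrip(stateful))
    print("ping reply:", match(RULES, Packet("inbound", "icmp", 0, 0)))
```

On a Linux host firewall, the stateful behaviour corresponds to accepting packets in the ESTABLISHED and RELATED connection-tracking states ahead of the drop rule.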