Skip to content

Oracle Cloud

Accounts

test

  • sergekurian : 0001kurian@gmail.com (payg)

  • alenam78: alenam78@gmail.com (instances : oci-alenam78-arm-xx)

  • e003kurian : 0003kurian@gmail.com

General setup

https://www.oracle.com/au/cloud/sign-in.html

Accounts: - sergekurian : 0001kurian@gmail.com - alenam78: alenam78@gmail.com - e003kurian : 0003kurian@gmail.com

Firewall

accept 51820

sudo iptables -A INPUT -p udp --dport 51820 -j ACCEPT
sudo iptables-save | sudo tee /etc/iptables/rules.v4

Minecraft Server

OCI Default Security List (Firewall)

Set Ingress Rules

oci-security-list-minecraft.png

IPTables

OCI - UFW is disabled by default.

https://blogs.oracle.com/developers/post/enabling-network-traffic-to-ubuntu-images-in-oracle-cloud-infrastructure

Rather than using UFW, a more direct manipulation of the iptables configuration is necessary. The easiest way to do so is modifying /etc/iptables/rules.v4.

Add table rule and persist settings 

# Update rules
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
sudo iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

# save
sudo netfilter-persistent save
# save
sudo iptables-save > /etc/iptables/rules.v4

Edit /etc/iptables/rules.v4 directly and restore Please ensure the previous line allowing SSH access is still in place or you will be locked out of your system. The line that absolutely has to remain intact reads:

-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

Once the rule is added it can be enabled using the following command:

$ sudo iptables-restore < /etc/iptables/rules.v4

Cloudflare subdomains configuration (SRV records)

SRV records to map sub domains to specific ports on a single host

cloudflare-minecraft-subdomains.png

CNAME for http management points to mc01 where it runs on https (8443) port

Crafty : https://mc.serverhome.info:8443/panel/dashboard

cloudflare-minecraft-http-management-site-crafty.png

misc

List 

sudo iptables -L INPUT

Results 

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ts-input   all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere             udp spt:ntp
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Accept all and save 

sudo iptables -I INPUT -j ACCEPT

# save
sudo netfilter-persistent save
# save
sudo iptables-save > /etc/iptables/rules.v4