
How to block IP addresses via ufw

The article describes how to block specific IP addresses via ufw.

UFW (Uncomplicated Firewall) is a standard utility for configuring the iptables firewall on Ubuntu Linux. It has a command-line interface made up of a small number of simple commands. UFW is a convenient way to set up a basic IPv4 or IPv6 firewall to protect a server.



Blocking specific IP addresses via ufw


Syntax:

sudo ufw deny from {ip-address-here} to any 

To block all packets from 192.168.1.5, enter:

 sudo ufw deny from 192.168.1.5 to any 

Display the firewall status, including its rules. To check the newly added rules, enter:

 $ sudo ufw status numbered 

or

 $ sudo ufw status 



Blocking specific IP and port numbers via ufw


Syntax:

 ufw deny from {ip-address-here} to any port {port-number-here} 

To block the "spammer" IP address 202.54.1.5 on port 80, enter:

 sudo ufw deny from 202.54.1.5 to any port 80 

Recheck with the following command:

 $ sudo ufw status numbered 

Result:



Closing certain IP, port numbers and protocols via ufw



Syntax:

 sudo ufw deny proto {tcp|udp} from {ip-address-here} to any port {port-number-here} 

For example, to block the malicious IP address 202.54.1.1 on TCP port 22, enter:

 $ sudo ufw deny proto tcp from 202.54.1.1 to any port 22
 $ sudo ufw status numbered

Blocking a subnet via ufw uses the same syntax:

 $ sudo ufw deny proto tcp from sub/net to any port 22
 $ sudo ufw deny proto tcp from 202.54.1.0/24 to any port 22

How to remove blocking and unblock IP addresses



Syntax:

 $ sudo ufw status numbered
 $ sudo ufw delete NUM

To delete rule #4, enter:

 $ sudo ufw delete 4 

Result:

 deny from 202.54.1.5 to any port 80
 Proceed with operation (y|n)? y
 Rule deleted

Hint: UFW NOT blocking IP address

ufw applies rules in order and stops at the first match, so a deny rule added after an allow rule that matches the same traffic never takes effect. To avoid this problem, edit the /etc/ufw/before.rules file and add a "Block an IP Address" section after "# End required lines".

 $ sudo vi /etc/ufw/before.rules 

 # End required lines 

Add your rule to block spammers or attackers:



Save and close the file, then reload the firewall:

 $ sudo ufw reload 
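
A check for the situation this hint addresses, where a deny rule sits below an allow rule that already matches the same traffic. This is an added example, not part of the original article; the function names and the sample rule list are constructed for illustration, and only inbound IPv4 rows are examined.

```shell
#!/bin/sh
# Added example: list DENY rules that an earlier ALLOW-from-Anywhere rule
# already overrides. Input is the text of `sudo ufw status numbered`;
# output is one "<deny-rule-number> <allow-rule-number>" pair per line.
# Scope assumption: inbound IPv4 rows only; "(v6)" rows are skipped.

# Constructed sample output, using addresses from the article.
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80                         DENY IN     202.54.1.5
[ 3] 22/tcp                     DENY IN     202.54.1.1
[ 4] Anywhere                   DENY IN     192.168.1.5
[ 5] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

find_shadowed_denies() {
    # "[ 3] 22/tcp DENY IN 1.2.3.4" -> "3 22/tcp DENY IN 1.2.3.4"; drop headers.
    sed -n 's/^\[ *\([0-9][0-9]*\)\] */\1 /p' | awk '
    # The earlier ALLOW wins when it targets everything, the same port/proto,
    # or the same port with no protocol; a DENY "to any" is only partly
    # effective, because the allowed port stays reachable.
    function allow_wins(allow_to, deny_to,    port) {
        port = deny_to
        sub(/\/.*/, "", port)
        return allow_to == "Anywhere" || allow_to == deny_to ||
               allow_to == port || deny_to == "Anywhere"
    }
    $3 != "ALLOW" && $3 != "DENY" { next }   # skips "(v6)" rows
    $4 != "IN" { next }                      # inbound rules only
    $3 == "ALLOW" && $5 == "Anywhere" { n++; a_num[n] = $1; a_to[n] = $2; next }
    $3 == "DENY" && $5 != "Anywhere" {
        for (i = 1; i <= n; i++)
            if (allow_wins(a_to[i], $2)) { print $1, a_num[i]; break }
    }'
}

sample_status | find_shadowed_denies
```

On the sample, rules 3 and 4 are reported as overridden by rule 1. Placing the deny ahead of the allow, for example with `sudo ufw insert 1 deny from 202.54.1.1 to any`, makes it take effect.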

Source: https://habr.com/ru/post/230201/

