ufw question
Carl Friis-Hansen
ubuntuuser at carl-fh.com
Sun Nov 30 09:38:21 UTC 2008
howard chen wrote:
> Hello,
>
> How to block all access to ssh, but allow a specific IP range using ufw?
>
> Currently I am using...
>
> sudo ufw enable
> sudo ufw default deny
> ufw allow proto tcp from 221.124.0.0 to 221.127.255.255 port 6000
>
> I only want IP range from 21.124.0.0 to 221.127.255.255 to access my
> sshd listening on port 6000. However, the above rules seems not
> working and I cann't access my sshd.
ufw allow proto tcp from 221.124.0.0 port 6000 to 221.127.255.255 port 6000
You forgot the starting port number.
Secondly, start with the specific rule, because when a rule is honored,
then it doesn't care about what else might come thereafter.
Your input creates a file called:
/var/lib/ufw/user.rules
Have a look at that and check that everything looks right.
Lastly you have to activate the new rules:
sudo ufw disable
sudo ufw enable
Google for some examples, there are really so many good explanations and
examples out there for ufw.
Good luck, hope it will work for you.
--
+---------------------------------+-------------------+
| Carl Friis-Hansen | Fiskeryd Nybygget |
| http://computingconfidence.com/ | 341 91 Ljungby |
| Phone: +46 (0)372 15033 | Sweden |
+---------------------------------+-------------------+
More information about the ubuntu-users
mailing list