How to block specific IP range in ufw?
Two things to consider: I usually use deny, not reject. I'm not sure if reject is valid, so it should be:
sudo ufw deny from 216.21.13.0/24 to any port 80
Also, if you have other rules for port 80, they may be running before this one. Try looking at
sudo ufw status numbered
And you should see an output like this:
[ 1] Anywhere DENY IN x.x.x.x
[ 2] Anywhere DENY IN x.x.x.x
[ 3] 80 ALLOW IN Anywhere
[ 4] 443 ALLOW IN Anywhere
[ 5] 22 ALLOW IN x.x.x.x
[ 6] 80 (v6) ALLOW IN Anywhere (v6)
[ 7] 443 (v6) ALLOW IN Anywhere (v6)
If your rule is after the one that allows all port 80 traffic, then it won't ever be called because the rule above it allows all port 80 traffic.
Try putting the rule in with
sudo ufw insert 1 deny from 216.21.13.0/24 to any port 80
And it will put it at the top of the list.
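The ordering problem described in this answer can be checked mechanically. The following is an added example, not part of the original answer: it parses `ufw status numbered` output and reports whether the deny rule for a source sits below an allow-from-Anywhere rule for the same port. The function names and the sample listings are constructed for illustration.

```sh
#!/bin/sh
# Added example. Reads `ufw status numbered` text on stdin and reports whether
# the deny/reject rule for SOURCE on PORT sits above every "allow from
# Anywhere" rule for that port. IPv4 only; narrower allow sources are ignored.
check_deny_order() {    # usage: check_deny_order SOURCE PORT < status.txt
    awk -v src="$1" -v port="$2" '
        function covers(col) {    # does the "To" column include our port?
            return col == port || col == (port "/tcp") || col == "Anywhere"
        }
        /^\[ *[0-9]+\]/ && !/\(v6\)/ {
            num = $0; sub(/^\[ */, "", num); sub(/\].*/, "", num)
            rest = $0; sub(/^\[ *[0-9]+\] */, "", rest)
            # The action keyword is the only fixed token, so split around it.
            if (!match(rest, / +(ALLOW|DENY|REJECT|LIMIT) IN +/)) next
            to = substr(rest, 1, RSTART - 1)
            action = substr(rest, RSTART, RLENGTH); gsub(/ /, "", action)
            from = substr(rest, RSTART + RLENGTH); sub(/ +$/, "", from)
            if (!covers(to)) next
            if (action == "ALLOWIN" && from == "Anywhere" && allow == "") allow = num
            if (action ~ /^(DENY|REJECT)IN$/ && from == src && deny == "") deny = num
        }
        END {
            if (deny == "") print "missing"
            else if (allow != "" && allow + 0 < deny + 0) print "shadowed " deny " " allow
            else print "ok " deny
        }'
}

# Constructed sample listings (not captured from a real host).
sample_appended() { cat <<'EOF'
Status: active
     To                         Action      From
     --                         ------      ----
[ 1] 80                         ALLOW IN    Anywhere
[ 2] 443                        ALLOW IN    Anywhere
[ 3] 22                         ALLOW IN    203.0.113.7
[ 4] 80                         DENY IN     216.21.13.0/24
[ 5] 80 (v6)                    ALLOW IN    Anywhere (v6)
EOF
}
sample_inserted() { cat <<'EOF'
[ 1] 80                         DENY IN     216.21.13.0/24
[ 2] 80                         ALLOW IN    Anywhere
[ 3] 443                        ALLOW IN    Anywhere
EOF
}
sample_appended | check_deny_order 216.21.13.0/24 80   # deny rule 4 is below allow rule 1
sample_inserted | check_deny_order 216.21.13.0/24 80   # deny rule is evaluated first
```

On a live host the same function can be fed with `sudo ufw status numbered | check_deny_order 216.21.13.0/24 80`.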
Author by
mario
Updated on September 18, 2022
Comments
-
mario over 1 year
I open terminal and type
sudo ufw reject from 216.21.13.0/24 to any port 80
But when I pick a random IP such as 216.21.13.15 I noticed it is still pingable and reachable. Why does this happen?
-
Sukhjinder Singh over 7 years
try to check status sudo ufw status
-
mario over 7 years
Status is active
-
cryptic0 about 4 years
What does the 0/24 do here? Does the range go from 216.21.13.0 through 216.21.13.24? I am trying to block an IP address that ends in 199.
-
Kevin almost 4 years
The 0/24 is IP address slash notation. In this case, you are specifying that 24 of the 32 bits for the IP address are defined. That's a fancy way of saying that it covers the range 216.21.13.0-216.21.13.255. You can specify a single IP address if that's what you're trying to do with the command sudo ufw insert 1 deny from 216.21.13.199 to any port 80. More on IP address slash notation can be found here: ripe.net/about-us/press-centre/understanding-ip-addressing