How can I make Ubuntu firewall rules (ufw) allow all traffic except...?

3

1

I'm new to using Ubuntu and the ufw command to set firewall rules. I have an apache service running and I'm able to deny access to the root path using apache2.conf. I have another backend app running on port 3000 which is not using apache, so I can't deny access through apache (and if I'm able to do that, I don't know how).

I then tried to configure the firewall to deny access ONLY to port 3000, but when I enable the firewall it seems that the fw denies all the traffic.

What is the best way to do that?

proquibas

Posted 2015-05-22T04:28:28.887

Reputation: 35

Answers

0

I haven't tested this, and am not familiar with Ubuntu's ufw, but it's a simple interface to iptables and I get the idea from looking at ufw commands. And I see you want to change the rule for packets coming in, from a whitelist to a blacklist.

Try ufw default allow in

Use ufw status verbose to check your changes are being made.

More rules are listed here: https://help.ubuntu.com/community/UFW and http://manpages.ubuntu.com/manpages/lucid/man8/ufw.8.html

And I suppose you can say ufw deny 3000/tcp (though that rule doesn't seem to specify direction).

barlop

Posted 2015-05-22T04:28:28.887

Reputation: 18 677

Thanks barlop, I use the following order: 1- Deny = ufw deny 3000/tcp 2- Allow = sudo ufw allow from IP/Network to any. I want only a subnet to access the port. Now other computers can't access it. Thanks! – proquibas – 2015-05-22T06:59:36.313

@proquibas no problem. By the way, you may be interested to know, for future reference, that there is an Ubuntu Stack Exchange: http://askubuntu.com/ – barlop – 2015-05-22T07:03:03.950
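
The following is an added example, not part of the original thread and not ufw's own code. It is a simplified model of ufw's documented first-match rule evaluation, showing how the order of a port-wide deny and a subnet allow changes who can reach port 3000 under `ufw default allow incoming`. The subnet 192.168.1.0/24 and the sample addresses are constructed for illustration.

```python
import ipaddress

# Simplified model of ufw's documented behaviour: rules are checked in the
# order they were added, the first matching rule decides, and the default
# policy applies only when no rule matches. Illustration only.
def decide(rules, default, src, port):
    """Return 'allow' or 'deny' for a TCP packet from src to a local port."""
    addr = ipaddress.ip_address(src)
    for action, network, rule_port in rules:
        net_ok = network is None or addr in ipaddress.ip_network(network)
        port_ok = rule_port is None or rule_port == port
        if net_ok and port_ok:
            return action
    return default

SUBNET = "192.168.1.0/24"  # constructed: the subnet that should reach the app

# Order A: ufw deny 3000/tcp, then ufw allow from SUBNET to any
deny_first = [("deny", None, 3000), ("allow", SUBNET, None)]

# Order B: ufw allow from SUBNET to any port 3000 proto tcp,
#          then ufw deny 3000/tcp
allow_first = [("allow", SUBNET, 3000), ("deny", None, 3000)]

def report(rules, default="allow"):
    """Decisions for constructed sample packets with default allow incoming."""
    samples = {
        "subnet->3000": ("192.168.1.20", 3000),
        "outside->3000": ("203.0.113.9", 3000),
        "outside->80": ("203.0.113.9", 80),
    }
    return {name: decide(rules, default, src, port)
            for name, (src, port) in samples.items()}

if __name__ == "__main__":
    for label, rules in (("deny first", deny_first),
                         ("allow first", allow_first)):
        print(label, report(rules))
```

On a live system, `ufw status numbered` shows the order in which rules will be evaluated, and `ufw insert 1 ...` places a more specific rule ahead of an existing general one.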