How to block IP addresses through ufw
The article describes how to block specific IP addresses through ufw.
UFW (Uncomplicated Firewall) is a standard iptables firewall utility for Ubuntu Linux. It uses a command line interface consisting of a small number of simple commands. UFW is a convenient way to create a basic IPv4 or IPv6 firewall to protect the server.
![](https://habrastorage.org/files/ed5/830/e11/ed5830e1154a44ef8bad05d8b728378f.jpeg)
Block specific IP addresses through ufw
Syntax:
sudo ufw deny from {ip-address-here} to any
To block all packets from 192.168.1.5, enter:
sudo ufw deny from 192.168.1.5 to any
Show the firewall status, including its rules. To check the recently added rules, enter:
$ sudo ufw status numbered
or
$ sudo ufw status
![](https://habrastorage.org/files/393/0ac/c44/3930acc44696484fb14353727946af04.png)
Block specific IP and port numbers through ufw
Syntax:
sudo ufw deny from {ip-address-here} to any port {port-number-here}
To block the "spam" IP address 202.54.1.5 on port 80, enter:
sudo ufw deny from 202.54.1.5 to any port 80
We check again using the following command:
$ sudo ufw status numbered
Result:
![](https://habrastorage.org/files/39a/2ce/b91/39a2ceb913f44a3b815238949b8b15bc.png)
Block a specific IP, port and protocol through ufw
Syntax:
sudo ufw deny proto {tcp|udp} from {ip-address-here} to any port {port-number-here}
For example, to block the malicious IP address 202.54.1.1 on TCP port 22, enter:
$ sudo ufw deny proto tcp from 202.54.1.1 to any port 22
$ sudo ufw status numbered
Blocking a subnet through ufw uses the same syntax:
$ sudo ufw deny proto tcp from sub/net to any port 22
$ sudo ufw deny proto tcp from 202.54.1.0/24 to any port 22
How to remove a block and unblock IP addresses
Syntax:
$ sudo ufw status numbered
$ sudo ufw delete NUM
To remove rule #4, enter:
$ sudo ufw delete 4
Result:
deny from 202.54.1.5 to any port 80
Proceed with operation (y|n)? y
Rule deleted
Hint: UFW is NOT blocking the IP address
ufw rules are applied in the order they appear, and evaluation stops at the first match, so a deny rule added after a matching allow rule never takes effect. To avoid this problem, edit the /etc/ufw/before.rules file and add a “Block an IP Address” section after the “# End required lines” line.
$ sudo vi /etc/ufw/before.rules
# End required lines
Add your rule to block spammers or attackers:
![](https://habrastorage.org/files/d08/3c7/07f/d083c707f03f4e0f9d4a56c3f0c61eba.png)
Save and close the file, then reload the firewall:
$ sudo ufw reload
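The hint above comes down to rule order: ufw stops at the first rule that matches, so a deny listed after a matching allow does nothing for that traffic. The following check is an added example, not code from the original article: it parses `ufw status numbered` output and reports deny rules that an earlier allow rule overrides. The sample output is constructed, and the parser assumes simple IPv4 rows only.

```python
import ipaddress
import re

# Constructed excerpt of `sudo ufw status numbered` output (IPv4 rows only).
SAMPLE_STATUS = """\
     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] Anywhere                   DENY IN     192.168.1.5
[ 3] 80                         DENY IN     202.54.1.5
[ 4] 22/tcp                     DENY IN     202.54.1.0/24
"""

ROW = re.compile(r"^\[\s*(\d+)\]\s+(\S+)\s+(ALLOW|DENY|REJECT|LIMIT) IN\s+(\S+)\s*$")


def parse_rules(status_text):
    """Return (num, port, proto, action, source_net) for each simple IPv4 row."""
    rules = []
    for line in status_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, "(v6)" rows and other row shapes are skipped
        num, to, action, src = m.groups()
        port, _, proto = ("", "", "") if to == "Anywhere" else to.partition("/")
        net = ipaddress.ip_network("0.0.0.0/0" if src == "Anywhere" else src, strict=False)
        rules.append((int(num), port or None, proto or None, action, net))
    return rules


def _overlap(a, b):
    """True when two port (or protocol) specs can match the same packet."""
    return a is None or b is None or a == b


def shadowed_denies(status_text):
    """Map each DENY rule number to the earlier ALLOW rules that match first."""
    rules, findings = parse_rules(status_text), {}
    for i, (num, port, proto, action, net) in enumerate(rules):
        hits = [n for n, p, pr, act, src in rules[:i]
                if act == "ALLOW" and net.subnet_of(src)
                and _overlap(p, port) and _overlap(pr, proto)]
        if action == "DENY" and hits:
            findings[num] = hits
    return findings


if __name__ == "__main__":
    print(shadowed_denies(SAMPLE_STATUS))  # {2: [1], 4: [1]}
```

A deny rule reported here can be placed ahead of the allow rule with `sudo ufw insert 1 deny from {ip-address-here} to any`, or added to /etc/ufw/before.rules as described above.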