UFW Essentials: Common Firewall Rules and Commands
Block an IP Address To block all network connections that originate from a specific IP address, 15.15.15.51 for example, run this command: sudo ufw deny from 15.15.15.51 In this example, from 15.15.15.51 specifies a source IP address of “15.15.15.51”. If you wish, a subnet, such as 15.15.15.0/24 , may be specified here instead. The source IP address can be specified in any firewall rule, including an allow rule. Block Connections to a Network Interface To block connections from a specific IP address, e.g. 15.15.15.51 , to a specific network interface, e.g. eth0 , use this command: sudo ufw deny in on eth0 from 15.15.15.51 This is the same as the previous example, with the addition of in on eth0 . The network interface can be specified in any firewall rule, and is a great way to limit the rule to a particular network. Service: SSH If you’re using a cloud server, you will probably want to allow incoming SSH connecti...