I enabled ufw and tried to block all the traffic from one server, but I can't.

It only blocks ssh; all the other ports are open. I tested it with telnet.

I want to allow all ports for some IPs, and block all ports if the IP is not there.

I have these rules:

sudo ufw status verbose

Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

UPDATE

I also tested with iptables directly:

iptables --policy INPUT DROP

I tried telnet to the ssh port; that is blocked, but I can still access the other services.

Any ideas? I don't want to set a default deny for outgoing and then whitelist every port I want.

UPDATE

The problem is that the services are running inside a container. If I create a new listener with nc, the firewall does block that connection.

How can I block the incoming traffic for containers?

  • Did you test from another machine? Commented Oct 25, 2019 at 16:59
  • Yes, I also tested it from another PC, over a VPN. The port is still open. Commented Oct 25, 2019 at 17:02
  • Can you describe what you tried in more detail? Commented Oct 25, 2019 at 18:10
  • I tried to block all the incoming traffic except from 2-3 IPs. But when I try to drop the input, the same services still listen. (Only ssh is really blocked.) Commented Oct 25, 2019 at 18:22
  • How did you do that? If you block traffic from all IPs, does it work as expected? The ssh block might be due to the ssh config rather than the firewall. Commented Oct 25, 2019 at 18:26

2 Answers

Because Docker also uses other chains, you have to block from the DOCKER chain.
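The reason a ufw rule or an INPUT policy of DROP does not affect the container's ports is that Docker publishes a port by DNATing the packet and letting it pass through the FORWARD chain, not INPUT; the host's own listener started with nc sits in INPUT, which is why that one was blocked. Docker inserts a jump to its DOCKER-USER chain at the top of FORWARD, ahead of ufw's chains, and leaves that chain for the administrator. The following script is an added example, not code from this answer or from the Docker project: it generates iptables rules for DOCKER-USER that let only an allowlist of source addresses reach published ports. The interface name eth0 and the addresses used in the comments are assumptions for illustration.

```shell
#!/bin/sh
# Added example: restrict access to Docker-published ports via the DOCKER-USER chain.
# Interface name and addresses are illustrative assumptions, not values from the question.

# docker_user_rules IFACE IP_OR_CIDR...
# Prints the iptables commands instead of running them, so they can be reviewed first.
docker_user_rules() {
    iface=$1
    shift
    [ $# -gt 0 ] || { echo "usage: docker_user_rules IFACE IP_OR_CIDR..." >&2; return 1; }

    # Start from an empty chain. Docker creates DOCKER-USER but does not manage its contents.
    echo "iptables -F DOCKER-USER"
    # Let replies to connections that the containers opened themselves come back in.
    echo "iptables -A DOCKER-USER -i $iface -m conntrack --ctstate RELATED,ESTABLISHED -j RETURN"
    # Allowlisted sources RETURN to FORWARD, where Docker's own rules then accept them.
    for src in "$@"; do
        echo "iptables -A DOCKER-USER -i $iface -s $src -j RETURN"
    done
    # Everything else arriving on the external interface is dropped before Docker sees it.
    # Matching on -i keeps container-to-container and docker0 traffic unaffected.
    echo "iptables -A DOCKER-USER -i $iface -j DROP"
    echo "iptables -A DOCKER-USER -j RETURN"
}

# Review the generated rules, then apply them as root:
#   docker_user_rules eth0 10.20.20.3 10.20.20.4
#   docker_user_rules eth0 10.20.20.3 10.20.20.4 | sudo sh
# Check the result with: sudo iptables -S DOCKER-USER
```

Two caveats: neither `ufw reload` nor a Docker restart removes rules you put into DOCKER-USER, but they are not persisted across a reboot either, so load them from a boot-time unit or save them with iptables-persistent. And test from an address that is not on the allowlist: `iptables -S DOCKER-USER` shows the DROP rule, but only a refused connection from the outside proves the traffic actually reaches FORWARD on the interface you matched.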

Assuming that the host you want to blacklist has an IP address of 10.20.20.3

$ sudo ufw deny from 10.20.20.3 to any
$ sudo ufw reload
