I'm using Ubuntu 16.04 LTS, and I want to block all connections except some IP addresses. I ran these commands
ufw default allow outgoing
ufw default deny incoming
ufw allow ssh
ufw enable
ufw allow from 1.2.3.4and it's working fine for me, But now i want to allow a ipv6 address and i'm using this command.
ufw allow from 2405:204:108e:650c:10cb:11ea:bb8f:3937but it's not working
42 Answers
man ufw is the answer (at line 139), the manual mention this:
... ufw deny proto tcp from 2001:db8::/32 to any port 25 This will deny all traffic from the IPv6 2001:db8::/32 to tcp port 25 on this host. Note that IPv6 must be enabled in /etc/default/ufw for IPv6 firewalling to work.
...Since the OP not mentioning more detail about his difficulties, I hope this answer may help you to create IPV6 ufw rules
To allow an IP(ipv6) address using ufw
- First enable the IPv6 in
/etc/default/ufw. Probably first 4-5 lines describe what you need to do to have ufw support IPv6.
# Set to yes to apply rules to support IPv6 (no means only IPv6 on loopback # accepted). You will need to 'disable' and then 'enable' the firewall for # the changes to take affect. IPV6=yes
If you see IPV6=no, then edit the file to change it to IPV6=yes and save it.
$ sudo nano /etc/default/ufw
Now, Do either a
ufw Disable-then-EnableORufw Reloadufw Disable-then-Enable
$ sudo ufw disable
$ sudo ufw enableufw Reload
$ sudo ufw reload
NOTE : A server/system Restart may be required for changes to take effect.
Now, Re-add all your existing firewall rules so that the IPv6 rules get added.
2$ sudo ufw allow proto ipv6 from x.x.x.x