How to allow an IP (ipv6) address using ufw?

I'm using Ubuntu 16.04 LTS, and I want to block all connections except some IP addresses. I ran these commands

ufw default allow outgoing
ufw default deny incoming
ufw allow ssh
ufw enable
ufw allow from 1.2.3.4

and it's working fine for me, But now i want to allow a ipv6 address and i'm using this command.

ufw allow from 2405:204:108e:650c:10cb:11ea:bb8f:3937

but it's not working

4

2 Answers

man ufw is the answer (at line 139), the manual mention this:

... ufw deny proto tcp from 2001:db8::/32 to any port 25 This will deny all traffic from the IPv6 2001:db8::/32 to tcp port 25 on this host. Note that IPv6 must be enabled in /etc/default/ufw for IPv6 firewalling to work.
...

Since the OP not mentioning more detail about his difficulties, I hope this answer may help you to create IPV6 ufw rules

To allow an IP(ipv6) address using ufw

  1. First enable the IPv6 in /etc/default/ufw. Probably first 4-5 lines describe what you need to do to have ufw support IPv6.
 # Set to yes to apply rules to support IPv6 (no means only IPv6 on loopback # accepted). You will need to 'disable' and then 'enable' the firewall for # the changes to take affect. IPV6=yes

If you see IPV6=no, then edit the file to change it to IPV6=yes and save it.

$ sudo nano /etc/default/ufw

  1. Now, Do either a ufw Disable-then-Enable OR ufw Reload

    • ufw Disable-then-Enable

      $ sudo ufw disable
      $ sudo ufw enable

    • ufw Reload

      $ sudo ufw reload

      NOTE : A server/system Restart may be required for changes to take effect.

  2. Now, Re-add all your existing firewall rules so that the IPv6 rules get added.

$ sudo ufw allow proto ipv6 from x.x.x.x

2

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like