-1

I want to deny all outgoing traffic except to a specific address/address range. I attempted:

$ ufw default deny outgoing
$ ufw allow from x.x.x.x to any
$ ufw allow to x.x.x.x from any

However, access to x.x.x.x is denied.

Jab
  • Please specify the commands run and the terminal output, plus the version of Ubuntu you are running. Please ensure you edit your question and do not post this as a comment. – DankyNanky May 21 '20 at 10:23
  • Furthermore, if you only want to allow a certain host, simply put a deny rule on outbound, and an allow for the one host. – DankyNanky May 21 '20 at 10:23

1 Answer

1

Firstly, you need to check that you're actually using ufw as a firewall component - perform the following:

root@loopback:/home/mn# ufw status
Status: inactive

(Note: This requires root. I strongly recommend using sudo as opposed to root)

The alternative (as you'll see, for me ufw is inactive) is to see if you're running firewalld - sudo firewall-cmd --state should return a value:

root@loopback:/home/mn# firewall-cmd --state 
running

Now, if you're running ufw you can check your rules to see what you have added:

sudo ufw show added       # Show user added rules
more /etc/ufw/user.rules  # Show system rules

To deny all outbound traffic on ufw you would perform the following:

sudo ufw default deny outgoing

Then you set your allow hosts.
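An added example for that last step (not part of the original answer): a ufw rule given without a direction applies to incoming traffic, so each allowed destination needs an explicit `out` rule. The function names and the 203.0.113.10 and 198.51.100.0/24 destinations are assumptions made for illustration; the script only prints the commands, and every destination is validated before anything is emitted.

```shell
#!/bin/sh
# Added example. Addresses are constructed documentation-range samples.

# Return 0 if $1 is an IPv4 address or CIDR range (a.b.c.d or a.b.c.d/n).
valid_ipv4() {
    addr=${1%%/*}
    case $1 in
        */*) prefix=${1#*/} ;;
        *)   prefix=32 ;;
    esac
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    # Only digits and dots, with no leading, trailing or doubled dot
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the ufw commands for a default-deny outgoing policy that permits only
# the given destinations. Nothing is executed here.
egress_allowlist() {
    [ $# -gt 0 ] || { echo "no destinations given" >&2; return 1; }
    # Validate everything first so a bad argument never yields a partial rule set
    for dest in "$@"; do
        valid_ipv4 "$dest" || { echo "invalid destination: $dest" >&2; return 1; }
    done
    echo "ufw default deny outgoing"
    for dest in "$@"; do
        # "out" is required: without a direction ufw creates an incoming rule
        echo "ufw allow out to $dest"
    done
}

# Constructed sample run: one host and one range
egress_allowlist 203.0.113.10 198.51.100.0/24
```

After running the printed commands with sudo, `sudo ufw status verbose` shows the default outgoing policy and lists the new rules as ALLOW OUT.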