When creating an allow rule, for example:
sudo ufw allow from 110.110.25.25 to any port 3306
Why do we write 'any'?
I googled this a lot but none of the articles explain the full syntax of this statement.
Can anybody explain this?
Thank you.
Looking at the manual, `any` is referring to the destination of the traffic, which can be an IP address if forwarding traffic to a specific location on the network, or "anywhere" for a given network interface and/or port.
For example, this:
ufw route allow in on eth0 out on eth1 to 10.0.0.0/8 from 192.168.0.0/16
will allow traffic from devices on the private network via the `eth1` interface to go out to `10.0.0.0/8` addresses via the `eth0` interface.
Whereas this:
ufw allow in on eth0 to any port 80 proto tcp
will allow all new incoming HTTP connections on eth0 to any destination on the host that is listening to port 80 requests.
Destinations can be locations and they can also be applications. A common example would be Apache:
ufw allow in "Apache" to any
which allows all traffic that Apache has rules for, such as ports 80 and 443, and routes them to any Apache listener based on the application profile.
Many people generally skip the `to any` detail, as it is implied by default when setting `route`, `allow` and `deny` rules.
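
To see how the clauses of the rule in the question fit together, here is a small shell reader for ufw's full rule syntax, added as an example and not part of the original posts or of ufw itself. The function name `explain_rule` and its output format are assumptions; it shows that `port` attaches to whichever `from`/`to` address precedes it, which is why `to any` appears when the goal is to restrict the destination port.

```shell
#!/bin/sh
# Simplified reader for ufw's full rule syntax (added example, not ufw's parser):
#   allow|deny|reject|limit [in|out [on IFACE]] [proto P]
#       [from ADDR [port N]] [to ADDR [port N]]
# The simple form ("ufw allow 3306") is not handled.
explain_rule() {
    action="" dir="in" iface="any" proto="any"   # no direction given = incoming
    src="any" sport="any" dst="any" dport="any"  # omitted clauses mean "any"
    side=""                 # clause that a following "port" attaches to
    set -- $1               # split the rule string into words
    while [ $# -gt 0 ]; do
        case "$1" in
            on|proto|from|to|port)
                [ $# -ge 2 ] || { echo "error: '$1' needs a value" >&2; return 1; } ;;
        esac
        case "$1" in
            sudo|ufw) ;;
            allow|deny|reject|limit) action=$1 ;;
            "in"|out) dir=$1 ;;
            on)    iface=$2; shift ;;
            proto) proto=$2; shift ;;
            from)  src=$2; side=src; shift ;;
            to)    dst=$2; side=dst; shift ;;
            port)
                case "$side" in
                    src) sport=$2 ;;
                    dst) dport=$2 ;;
                    *) echo "error: 'port' needs a preceding from/to" >&2; return 1 ;;
                esac
                shift ;;
            *) echo "error: unsupported token '$1'" >&2; return 1 ;;
        esac
        shift
    done
    echo "action=$action dir=$dir iface=$iface proto=$proto src=$src sport=$sport dst=$dst dport=$dport"
}

# The rule from the question: "to any" supplies the destination address so
# that "port 3306" is read as the destination port.
explain_rule "sudo ufw allow from 110.110.25.25 to any port 3306"
# Without "to any", the same "port" attaches to "from" and becomes a source port.
explain_rule "ufw allow from 110.110.25.25 port 3306"
```

On a real host, `ufw --dry-run` followed by the rule shows what ufw itself would generate without changing the firewall.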