Score:0

UFW block port UDP 67 on all but specific interfaces?

in flag

I am new to UFW, trying to quit iptables for something that appears to be a lot easier at face value.

I am just trying to get my head around the logic and do not know much about it yet.

I have a global listening UDP port 67 that I am unable to disable due to configuration issues with a 3rd party application.

so the plan is to block this port on all but a specific interface / IP, it's still needed on only one side of the network.

How would I do this using UFW? let's say the interface I want to allow is eth0 with the static IP 192.168.0.50

Score:0
ma flag
sudo ufw allow on eth0 to any port 67 proto udp

Ubuntu UFW documentation
UFW Cheatsheet by @rstp

TheHidden avatar
in flag
ah ok.... do i need to deny all first?
d4n3sh avatar
ma flag
I think UFW denies by default but this is something you can test with telnet to verify. But yes normally you would start with deny all.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.