How can I open a range of ports in ubuntu using (g)ufw
I have to open up a group of ports.
Adding the single ports to (g)ufw was easy enough but I can't work out how to open the range 11200-11299.
How do I do that?
firewall ufw gufw
asked Oct 14 '10 at 10:00
Pieter Breed
335359
add a comment |
I have to open up a group of ports.
Adding the single ports to (g)ufw was easy enough but I can't work out how to open the range 11200-11299.
How do I do that?
firewall ufw gufw
asked Oct 14 '10 at 10:00
Pieter Breed
335359
add a comment |
I have to open up a group of ports.
Adding the single ports to (g)ufw was easy enough but I can't work out how to open the range 11200-11299.
How do I do that?
firewall ufw gufw
asked Oct 14 '10 at 10:00
Pieter Breed
335359
I have to open up a group of ports.
Adding the single ports to (g)ufw was easy enough but I can't work out how to open the range 11200-11299.
How do I do that?
firewall ufw gufw
firewall ufw gufw
asked Oct 14 '10 at 10:00
Pieter Breed
335359
asked Oct 14 '10 at 10:00
Pieter Breed
335359
edited Apr 28 '17 at 3:04
user383919
asked Oct 14 '10 at 10:00
Pieter Breed
335359
asked Oct 14 '10 at 10:00
Pieter Breed
335359
asked Oct 14 '10 at 10:00
Pieter Breed
335359
335359
add a comment |
add a comment |
5 Answers
5
active
oldest
votes
You can specify port ranges to ufw (the command-line one), using : (colon) to separate the lowest and the highest port in the range. For example:
ufw allow 11200:11299/tcp
Note that the protocol part (/tcp or /udp) is mandatory with port ranges.
This works at least since Ubuntu 10.04.
answered Oct 14 '10 at 17:05
Riccardo Murri
13.5k54449
2
+1. By the wayufw allowalso opens ports for IPv6 by default.
– Yauhen Yakimovich
May 26 '14 at 11:00
It works, but it says ERROR.
– JulianLai
Aug 29 '16 at 18:45
add a comment |
Either
ufw allow 11200:11299/tcp
ufw allow 11200:11299/udp
or if you need to use a from source ip range you must use full syntax
ufw allow from AAA.BBB.CCC.DDD/EE to any port 11200:11299 proto tcp
ufw allow from AAA.BBB.CCC.DDD/EE to any port 11200:11299 proto udp
see:
https://bugs.launchpad.net/ufw/+bug/1337767
answered Dec 24 '15 at 2:14
OJ LaBoeuf
17113
indexmegoogle: ufw allow ip and port ranges
– Jonathan
May 15 '16 at 2:44
add a comment |
I believe you can specify the range in the last tab of new rule, tick the checkbox at the bottom of the window to add more options (just to be safe). The range can be specified as 1000:1010 to open ports 1000-1010.
answered Oct 14 '10 at 10:03
evgeny
6,74222025
Thanks, confusing UI but it works. Now I just need to work out what the command-line would be for ufw
– Pieter Breed
Oct 14 '10 at 10:10
Try this: ubuntuforums.org/showthread.php?t=823741
– evgeny
Oct 14 '10 at 10:17
add a comment |
The cleanest command line way I've seen is a little script like this:
for i in `seq 11200 11299`; do
ufw allow $i
done
answered Oct 14 '10 at 12:16
Oli♦
220k85554762
3
I feel like this is an absolutely terrible idea. something about the idea of having hundreds of firewall rules terrifies me.
– Kirkland
Sep 19 '15 at 15:12
1
Allowing a range (11200:11299) is definitely cleaner.
– crishoj
Oct 20 '15 at 8:19
add a comment |
Its worth adding that if you want to restrict to a specific IP address which is allowed access to those ports you can use the following:
ufw allow proto tcp from 1.2.3.4 to any port 40000:40100
answered Dec 11 at 11:53
Antony
10626
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f7099%2fhow-can-i-open-a-range-of-ports-in-ubuntu-using-gufw%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
5 Answers
5
active
oldest
votes
5 Answers
5
active
oldest
votes
active
oldest
votes
active
oldest
votes
You can specify port ranges to ufw (the command-line one), using : (colon) to separate the lowest and the highest port in the range. For example:
ufw allow 11200:11299/tcp
Note that the protocol part (/tcp or /udp) is mandatory with port ranges.
This works at least since Ubuntu 10.04.
answered Oct 14 '10 at 17:05
Riccardo Murri
13.5k54449
2
+1. By the wayufw allowalso opens ports for IPv6 by default.
– Yauhen Yakimovich
May 26 '14 at 11:00
It works, but it says ERROR.
– JulianLai
Aug 29 '16 at 18:45
add a comment |
You can specify port ranges to ufw (the command-line one), using : (colon) to separate the lowest and the highest port in the range. For example:
ufw allow 11200:11299/tcp
Note that the protocol part (/tcp or /udp) is mandatory with port ranges.
This works at least since Ubuntu 10.04.
answered Oct 14 '10 at 17:05
Riccardo Murri
13.5k54449
2
+1. By the wayufw allowalso opens ports for IPv6 by default.
– Yauhen Yakimovich
May 26 '14 at 11:00
It works, but it says ERROR.
– JulianLai
Aug 29 '16 at 18:45
add a comment |
You can specify port ranges to ufw (the command-line one), using : (colon) to separate the lowest and the highest port in the range. For example:
ufw allow 11200:11299/tcp
Note that the protocol part (/tcp or /udp) is mandatory with port ranges.
This works at least since Ubuntu 10.04.
answered Oct 14 '10 at 17:05
Riccardo Murri
13.5k54449
You can specify port ranges to ufw (the command-line one), using : (colon) to separate the lowest and the highest port in the range. For example:
ufw allow 11200:11299/tcp
Note that the protocol part (/tcp or /udp) is mandatory with port ranges.
This works at least since Ubuntu 10.04.
answered Oct 14 '10 at 17:05
Riccardo Murri
13.5k54449
answered Oct 14 '10 at 17:05
Riccardo Murri
13.5k54449
answered Oct 14 '10 at 17:05
Riccardo Murri
13.5k54449
answered Oct 14 '10 at 17:05
Riccardo Murri
13.5k54449
13.5k54449
2
+1. By the wayufw allowalso opens ports for IPv6 by default.
– Yauhen Yakimovich
May 26 '14 at 11:00
It works, but it says ERROR.
– JulianLai
Aug 29 '16 at 18:45
add a comment |
2
+1. By the wayufw allowalso opens ports for IPv6 by default.
– Yauhen Yakimovich
May 26 '14 at 11:00
It works, but it says ERROR.
– JulianLai
Aug 29 '16 at 18:45
2
2
+1. By the way
ufw allow also opens ports for IPv6 by default.– Yauhen Yakimovich
May 26 '14 at 11:00
+1. By the way
ufw allow also opens ports for IPv6 by default.– Yauhen Yakimovich
May 26 '14 at 11:00
It works, but it says ERROR.
– JulianLai
Aug 29 '16 at 18:45
It works, but it says ERROR.
– JulianLai
Aug 29 '16 at 18:45
add a comment |
Either
ufw allow 11200:11299/tcp
ufw allow 11200:11299/udp
or if you need to use a from source ip range you must use full syntax
ufw allow from AAA.BBB.CCC.DDD/EE to any port 11200:11299 proto tcp
ufw allow from AAA.BBB.CCC.DDD/EE to any port 11200:11299 proto udp
see:
https://bugs.launchpad.net/ufw/+bug/1337767
answered Dec 24 '15 at 2:14
OJ LaBoeuf
17113
indexmegoogle: ufw allow ip and port ranges
– Jonathan
May 15 '16 at 2:44
add a comment |
Either
ufw allow 11200:11299/tcp
ufw allow 11200:11299/udp
or if you need to use a from source ip range you must use full syntax
ufw allow from AAA.BBB.CCC.DDD/EE to any port 11200:11299 proto tcp
ufw allow from AAA.BBB.CCC.DDD/EE to any port 11200:11299 proto udp
see:
https://bugs.launchpad.net/ufw/+bug/1337767
answered Dec 24 '15 at 2:14
OJ LaBoeuf
17113
indexmegoogle: ufw allow ip and port ranges
– Jonathan
May 15 '16 at 2:44
add a comment |
Either
ufw allow 11200:11299/tcp
ufw allow 11200:11299/udp
or if you need to use a from source ip range you must use full syntax
ufw allow from AAA.BBB.CCC.DDD/EE to any port 11200:11299 proto tcp
ufw allow from AAA.BBB.CCC.DDD/EE to any port 11200:11299 proto udp
see:
https://bugs.launchpad.net/ufw/+bug/1337767
answered Dec 24 '15 at 2:14
OJ LaBoeuf
17113
Either
ufw allow 11200:11299/tcp
ufw allow 11200:11299/udp
or if you need to use a from source ip range you must use full syntax
ufw allow from AAA.BBB.CCC.DDD/EE to any port 11200:11299 proto tcp
ufw allow from AAA.BBB.CCC.DDD/EE to any port 11200:11299 proto udp
see:
https://bugs.launchpad.net/ufw/+bug/1337767
answered Dec 24 '15 at 2:14
OJ LaBoeuf
17113
answered Dec 24 '15 at 2:14
OJ LaBoeuf
17113
answered Dec 24 '15 at 2:14
OJ LaBoeuf
17113
answered Dec 24 '15 at 2:14
OJ LaBoeuf
17113
17113
indexmegoogle: ufw allow ip and port ranges
– Jonathan
May 15 '16 at 2:44
add a comment |
indexmegoogle: ufw allow ip and port ranges
– Jonathan
May 15 '16 at 2:44
indexmegoogle: ufw allow ip and port ranges
– Jonathan
May 15 '16 at 2:44
indexmegoogle: ufw allow ip and port ranges
– Jonathan
May 15 '16 at 2:44
add a comment |
I believe you can specify the range in the last tab of new rule, tick the checkbox at the bottom of the window to add more options (just to be safe). The range can be specified as 1000:1010 to open ports 1000-1010.
answered Oct 14 '10 at 10:03
evgeny
6,74222025
Thanks, confusing UI but it works. Now I just need to work out what the command-line would be for ufw
– Pieter Breed
Oct 14 '10 at 10:10
Try this: ubuntuforums.org/showthread.php?t=823741
– evgeny
Oct 14 '10 at 10:17
add a comment |
I believe you can specify the range in the last tab of new rule, tick the checkbox at the bottom of the window to add more options (just to be safe). The range can be specified as 1000:1010 to open ports 1000-1010.
answered Oct 14 '10 at 10:03
evgeny
6,74222025
Thanks, confusing UI but it works. Now I just need to work out what the command-line would be for ufw
– Pieter Breed
Oct 14 '10 at 10:10
Try this: ubuntuforums.org/showthread.php?t=823741
– evgeny
Oct 14 '10 at 10:17
add a comment |
I believe you can specify the range in the last tab of new rule, tick the checkbox at the bottom of the window to add more options (just to be safe). The range can be specified as 1000:1010 to open ports 1000-1010.
answered Oct 14 '10 at 10:03
evgeny
6,74222025
I believe you can specify the range in the last tab of new rule, tick the checkbox at the bottom of the window to add more options (just to be safe). The range can be specified as 1000:1010 to open ports 1000-1010.
answered Oct 14 '10 at 10:03
evgeny
6,74222025
answered Oct 14 '10 at 10:03
evgeny
6,74222025
answered Oct 14 '10 at 10:03
evgeny
6,74222025
answered Oct 14 '10 at 10:03
evgeny
6,74222025
6,74222025
Thanks, confusing UI but it works. Now I just need to work out what the command-line would be for ufw
– Pieter Breed
Oct 14 '10 at 10:10
Try this: ubuntuforums.org/showthread.php?t=823741
– evgeny
Oct 14 '10 at 10:17
add a comment |
Thanks, confusing UI but it works. Now I just need to work out what the command-line would be for ufw
– Pieter Breed
Oct 14 '10 at 10:10
Try this: ubuntuforums.org/showthread.php?t=823741
– evgeny
Oct 14 '10 at 10:17
Thanks, confusing UI but it works. Now I just need to work out what the command-line would be for ufw
– Pieter Breed
Oct 14 '10 at 10:10
Thanks, confusing UI but it works. Now I just need to work out what the command-line would be for ufw
– Pieter Breed
Oct 14 '10 at 10:10
Try this: ubuntuforums.org/showthread.php?t=823741
– evgeny
Oct 14 '10 at 10:17
Try this: ubuntuforums.org/showthread.php?t=823741
– evgeny
Oct 14 '10 at 10:17
add a comment |
The cleanest command line way I've seen is a little script like this:
for i in `seq 11200 11299`; do
ufw allow $i
done
answered Oct 14 '10 at 12:16
Oli♦
220k85554762
3
I feel like this is an absolutely terrible idea. something about the idea of having hundreds of firewall rules terrifies me.
– Kirkland
Sep 19 '15 at 15:12
1
Allowing a range (11200:11299) is definitely cleaner.
– crishoj
Oct 20 '15 at 8:19
add a comment |
The cleanest command line way I've seen is a little script like this:
for i in `seq 11200 11299`; do
ufw allow $i
done
answered Oct 14 '10 at 12:16
Oli♦
220k85554762
3
I feel like this is an absolutely terrible idea. something about the idea of having hundreds of firewall rules terrifies me.
– Kirkland
Sep 19 '15 at 15:12
1
Allowing a range (11200:11299) is definitely cleaner.
– crishoj
Oct 20 '15 at 8:19
add a comment |
The cleanest command line way I've seen is a little script like this:
for i in `seq 11200 11299`; do
ufw allow $i
done
answered Oct 14 '10 at 12:16
Oli♦
220k85554762
The cleanest command line way I've seen is a little script like this:
for i in `seq 11200 11299`; do
ufw allow $i
done
answered Oct 14 '10 at 12:16
Oli♦
220k85554762
answered Oct 14 '10 at 12:16
Oli♦
220k85554762
answered Oct 14 '10 at 12:16
Oli♦
220k85554762
answered Oct 14 '10 at 12:16
Oli♦
220k85554762
220k85554762
3
I feel like this is an absolutely terrible idea. something about the idea of having hundreds of firewall rules terrifies me.
– Kirkland
Sep 19 '15 at 15:12
1
Allowing a range (11200:11299) is definitely cleaner.
– crishoj
Oct 20 '15 at 8:19
add a comment |
3
I feel like this is an absolutely terrible idea. something about the idea of having hundreds of firewall rules terrifies me.
– Kirkland
Sep 19 '15 at 15:12
1
Allowing a range (11200:11299) is definitely cleaner.
– crishoj
Oct 20 '15 at 8:19
3
3
I feel like this is an absolutely terrible idea. something about the idea of having hundreds of firewall rules terrifies me.
– Kirkland
Sep 19 '15 at 15:12
I feel like this is an absolutely terrible idea. something about the idea of having hundreds of firewall rules terrifies me.
– Kirkland
Sep 19 '15 at 15:12
1
1
Allowing a range (
11200:11299) is definitely cleaner.– crishoj
Oct 20 '15 at 8:19
Allowing a range (
11200:11299) is definitely cleaner.– crishoj
Oct 20 '15 at 8:19
add a comment |
Its worth adding that if you want to restrict to a specific IP address which is allowed access to those ports you can use the following:
ufw allow proto tcp from 1.2.3.4 to any port 40000:40100
answered Dec 11 at 11:53
Antony
10626
add a comment |
Its worth adding that if you want to restrict to a specific IP address which is allowed access to those ports you can use the following:
ufw allow proto tcp from 1.2.3.4 to any port 40000:40100
answered Dec 11 at 11:53
Antony
10626
add a comment |
Its worth adding that if you want to restrict to a specific IP address which is allowed access to those ports you can use the following:
ufw allow proto tcp from 1.2.3.4 to any port 40000:40100
answered Dec 11 at 11:53
Antony
10626
Its worth adding that if you want to restrict to a specific IP address which is allowed access to those ports you can use the following:
ufw allow proto tcp from 1.2.3.4 to any port 40000:40100
answered Dec 11 at 11:53
Antony
10626
answered Dec 11 at 11:53
Antony
10626
answered Dec 11 at 11:53
Antony
10626
answered Dec 11 at 11:53
Antony
10626
10626
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f7099%2fhow-can-i-open-a-range-of-ports-in-ubuntu-using-gufw%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
