Ubuntu: UFW - allow range of IP addresees?



Question:

I can add a rule using UFW firewall to allow a single known IP 192.168.1.32 to access my test webserver (192.168.1.48 (on a local mostly trusted network) on Ubuntu 14.04 using:

sudo ufw allow proto tcp from 192.168.1.23 to 192.168.1.48 port 80  

Is there a way I can add a range of addressees (e.g. 192.168.1.30-192.168.1.50 to allow more machines on my current network)? Using 192.168.1.30-192.168.1.50 and 192.168.1.30-192.168.1.50 don't work and results in ERROR: Bad source address.


Solution:1

You need to use a binary number (2,4,8,16, 32) so either you use a bigger or a smaller range. Exactly 20 hosts just is not possible with a bitmask in a single rule:

  • 16 hosts (192.168.1.16 to 192.168.1.31):

    sudo ufw allow proto tcp from  192.168.1.16/28 to 192.168.1.48 port 80  

    Details

    Address:   192.168.1.16          11000000.10101000.00000001.0001 0000  Rule Mask: 255.255.255.240 = 28  11111111.11111111.11111111.1111 0000  Wildcard:  0.0.0.15              00000000.00000000.00000000.0000 1111    HostMin:   192.168.1.16          11000000.10101000.00000001.0001 0000  HostMax:   192.168.1.31          11000000.10101000.00000001.0000 1111  
  • 32 hosts (192.168.1.0 - 192.168.1.31)

    sudo ufw allow proto tcp from 192.168.1.0/27 to 192.168.1.48 port 80  

    Details

    Address:   192.168.1.0           11000000.10101000.00000001.000 00000  Rule Mask: 255.255.255.224 = 27  11111111.11111111.11111111.111 00000  Wildcard:  0.0.0.31              00000000.00000000.00000000.000 11111    HostMin:   192.168.1.0           11000000.10101000.00000001.000 00000  HostMax:   192.168.1.31          11000000.10101000.00000001.000 11111  
  • 64 hosts (192.168.1.0 - 192.168.1.63)

    sudo ufw allow proto tcp from 192.168.1.0/26 to 192.168.1.48 port 80  

    Details

    Address:   192.168.1.0           11000000.10101000.00000001.00 000000  Rule Mask: 255.255.255.192 = 26  11111111.11111111.11111111.11 000000  Wildcard:  0.0.0.63              00000000.00000000.00000000.00 111111    HostMin:   192.168.1.0           11000000.10101000.00000001.00 000000  HostMax:   192.168.1.63          11000000.10101000.00000001.00 111111  

Explanation

I can't give a better explanation than wikipedia


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »