How to block forwarding of specific host
I have a home server running UFW that acts as router for a number of PC's/phones on my network. The layout is
PC -> Homeserver with UFW -> ADSL modem/router -> internet.
As default policiies I enable outgoing and forwarding (using sysctl.conf) and disable incoming connections.
Now I want to block one or more specific hosts. Therfore I add a reject line using "ufw insert 1 deny from 192.168.0.x"
This block incoming connections to the homeserver but still allows forwarding.
Is it possible to block forwarding for specific hosts using the commandline interface? I would really like to do so since I need a user friendly and scriptable firewall configuration tool.
My UFW configuration looks like:
#ufw status verbose
Status: active
Logging: on (medium)
Default: reject (incoming), allow (outgoing)
New profiles: skip
To Action From
-- ------ ----
Anywhere REJECT IN 192.168.0.11
Anywhere ALLOW IN 192.168.0.0/24
22 ALLOW IN Anywhere
80 ALLOW IN Anywhere
993 ALLOW IN Anywhere
143 ALLOW IN Anywhere
631 ALLOW IN Anywhere
22 ALLOW IN Anywhere (v6)
80 ALLOW IN Anywhere (v6)
993 ALLOW IN Anywhere (v6)
143 ALLOW IN Anywhere (v6)
631 ALLOW IN Anywhere (v6)
I am running 0.31 from Debian testing
Question information
- Language:
- English Edit question
- Status:
- Answered
- For:
- Ubuntu ufw Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask Martijn for more information if necessary.