7

I have set some rules in ufw to rate limit connections, as such:

-A ufw-user-input -p tcp --dport 25 -m state --state NEW -m recent --set
-A ufw-user-input -p tcp --dport 25 -m state --state NEW -m recent --update --seconds 6 --hitcount 12 -j ufw-user-limit
-A ufw-user-input -p tcp --dport 25 -j ufw-user-limit-accept

These are in: before.rules

I would like to white list IPs from being subject to these rules. If I run the command:

sudo ufw allow from 192.168.0.0/24

will this range be white-listed from my rules? Or can this be done another way?

Kohjah Breese
  • 2,931

1 Answers1

15

The "answer" to your question is:

sudo ufw insert 1 allow from 192.168.0.0/24

This will put the rule first in your rule set.

The order of rules is critical in ufw/iptables as a packet will match the first rule, subsequent rules are (for the purposes of this discussion) ignored.

To see all your rules, in order,

sudo ufw status numbered

For additional information see

https://help.ubuntu.com/community/UFW

https://help.ubuntu.com/community/IptablesHowTo

http://bodhizazen.com/Tutorials/iptables

http://blog.bodhizazen.com/linux/firewall-ubuntu-gufw/

http://blog.bodhizazen.com/linux/firewall-ubuntu-desktops/

Panther
  • 104,528