
[SOLVED] Can I write a block all but NOT rule for UFW?

nrundy
July 23rd, 2011, 10:30 PM
For example, can I write something to the effect: block all outbound UDP connections over port 53 except those going to IP 123.456.789. Or stated another way: Block outbound to port 53/udp NOT going to ip address 123.454.678

Is it possible to do this? How would I write the argument?

uRock
July 23rd, 2011, 11:21 PM
Try that which is in my screenies.

http://ubuntuforums.org/attachment.php?attachmentid=198198&stc=1&d=1311459610

http://ubuntuforums.org/attachment.php?attachmentid=198199&stc=1&d=1311459610

bodhi.zazen
July 24th, 2011, 03:25 AM
For example, can I write something to the effect: block all outbound UDP connections over port 53 except those going to IP 123.456.789. Or stated another way: Block outbound to port 53/udp NOT going to ip address 123.454.678

Is it possible to do this? How would I write the argument?

With iptables? Assuming your outbound policy is set to allow traffic ...


iptables -A OUTPUT -p udp --dport 53 ! -d 123.454.687 -j DROP

That rule drops all outbound packets to udp port 53 not going to the ip address. If your policy is to DROP, just skip the ! ;)
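The same "deny all outbound DNS except to one resolver" rule set, written out as an added example that is not from this thread or from any of its posters. It shows the UFW form (two rules whose order matters, because UFW stops at the first match) next to the iptables form for both default OUTPUT policies. The resolver address 192.0.2.53 is a placeholder from the RFC 5737 documentation range, and the script only prints the commands unless DRY_RUN=0, so it can be inspected before anything touches the firewall.

```shell
#!/bin/sh
# Added example: outbound DNS (53/udp) allowed only to one resolver.
# RESOLVER is a placeholder documentation address, not a real server.
RESOLVER="${RESOLVER:-192.0.2.53}"

# Print each command instead of running it unless DRY_RUN=0.
run() {
    if [ "${DRY_RUN:-1}" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# UFW evaluates rules in order and stops at the first match, so the
# narrow "allow" must come before the broad "deny"; in the other order
# the deny matches first and the resolver is blocked as well.
ufw_dns_rules() {
    run ufw allow out to "$RESOLVER" port 53 proto udp
    run ufw deny out to any port 53 proto udp
}

# iptables equivalent. With a default OUTPUT policy of ACCEPT one negated
# DROP rule is enough; with a default policy of DROP the rule must instead
# be a positive ACCEPT for the resolver, since a DROP rule without "!"
# would drop the resolver's traffic too.
iptables_dns_rules() {
    policy="$1"   # "ACCEPT" or "DROP": the chain's default policy
    case "$policy" in
        ACCEPT) run iptables -A OUTPUT -p udp --dport 53 ! -d "$RESOLVER" -j DROP ;;
        DROP)   run iptables -A OUTPUT -p udp --dport 53 -d "$RESOLVER" -j ACCEPT ;;
        *) echo "unknown policy: $policy" >&2; return 1 ;;
    esac
}

# Self-check: the allow line must precede the deny line in the UFW set.
ufw_order_ok() {
    ufw_dns_rules | awk '/allow/{a=NR} /deny/{d=NR} END{exit !(a && d && a<d)}'
}

ufw_dns_rules
iptables_dns_rules ACCEPT
iptables_dns_rules DROP
```

Run it as-is to review the generated commands, then with DRY_RUN=0 as root to apply them. On a UFW host the iptables rules are better expressed through ufw, so pick one of the two forms rather than adding both.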

nrundy
July 24th, 2011, 01:36 PM
Thanks guys!