Hi,

I would like to apply a rule to more that one port at a time with UFW.
For example to open the ports from 1000 to 2000 for a computeur.
I try the folowing syntax :

ufw allow proto tcp from 192.168.3.5 to any port 1000-2000

but 1000-2000 is not a valid port, as well as 1000:2000, 1000,2000, 1000;2000 etc ....
I don't find the syntax in the documentation :confused:

thanks for your help

Have you found an answer??? I am looking for the same))

I'm looking for the same answer

No I did not find the answer, I suppose that UFW is to limited to manage a port range [-(

Have you found the answer at:

https://wiki.ubuntu.com/UbuntuFirewall

Here the syntax is written as:
ufw allow|deny [proto <protocol>] [from <address> [port <port>]] [to <address> [port <port>]]

I would try instead:
ufw allow proto tcp from 192.168.3.5 to any port 1000-2000


this:

ufw allow proto tcp from 192.168.3.5 port 1000 to 192.168.3.5 port 2000

The ufw rule


ufw allow proto tcp from 192.168.3.5 port 1000 to 192.168.3.5 port 2000

will only allow 192.168.3.5 port tcp/2000 to accept traffic from 192.168.3.5 port tcp/1000


You could try something like


-A ufw-before-input -p udp -m udp --dport 1000:2000 -j ACCEPT


in /etc/ufw/before.rules


You will probably need a better rule than this example - this will open up every udp port between 1000 and 2000 to everyone!

Looks like a port range support is being worked on at the moment, but not working in my Ubuntu Hardy yet:

http://bazaar.launchpad.net/~jdstrand/ufw/trunk/revision/185

my current solution has been to do this:


for i in `seq 1000 2000`; do
ufw allow $i
done


realizing that this will put a thousand rules into your ufw config, but at least it gets the job done.

Gufw version 0.20.0 allows you to insert port range (ufw will too). it hasn't been released yet. That is, if you prefer to configure ufw in a GUI.

http://gufw.tuxfamily.org