I added some rules to block some more IPs today, but I’m still receiving spam comments from them. ufw is not blocking even though I told it to.
It would seem that ufw evaluates rules in the order they were entered, and the first match wins. Because the newly added block rules come after the allow rules, the allow rules match first.
The solution: a simple shell script that deletes and re-adds the allow rules:
#!/bin/bash
# Remove the existing allow rules...
ufw delete allow 80/tcp
ufw delete allow ssh
ufw delete allow smtp
ufw delete allow imap
# ...and re-add them so they land after the block rules.
ufw allow 80/tcp
ufw allow ssh
ufw allow smtp
ufw allow imap
I saved it as ufw-update and made it executable:
chmod a+x ufw-update
Now, every time I add more block rules, I just run ./ufw-update and the allow rules are removed and re-added after the block rules. Voila!
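An alternative to re-adding the allow rules is ufw's `insert` command, which places a rule at a given position. The script below is an added example, not from the original post: it reads `ufw status numbered` output, lists the deny rules that sit below an allow-from-Anywhere rule, and prints the delete and `insert 1` commands that would move them to the top. The sample status text and its addresses are constructed, and it assumes IPv4 deny-from rules.

```bash
#!/bin/bash
# Added example, not part of the original post. Nothing here changes the
# firewall: it only prints commands to review and then run as root.

# Constructed sample of `ufw status numbered` output (documentation addresses).
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   DENY IN     198.51.100.4
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 22/tcp                     ALLOW IN    Anywhere
[ 4] Anywhere                   DENY IN     203.0.113.7
[ 5] Anywhere                   DENY IN     203.0.113.0/24
EOF
}

# Print the source of every DENY rule numbered after an allow-from-Anywhere
# rule. For the ports those allow rules cover, the allow matches first.
shadowed_denies() {
  awk '/^\[ *[0-9]+\]/ {
         if ($0 ~ /ALLOW( IN)? +Anywhere/) seen_allow = 1
         else if (seen_allow && $0 ~ /DENY( IN)? +/) print $NF
       }'
}

# Emit delete + insert-at-position-1 commands for each IPv4 address or CIDR.
# The delete comes first because ufw skips inserting a rule that already exists.
# Anything that does not look like an address is skipped, not passed to ufw.
fix_cmds() {
  re='^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$'
  while read -r src; do
    printf '%s\n' "$src" | grep -Eq "$re" || continue
    echo "ufw delete deny from $src"
    echo "ufw insert 1 deny from $src"
  done
}

# Real use: ufw status numbered | shadowed_denies | fix_cmds
sample_status | shadowed_denies | fix_cmds
```

New block rules added with `ufw insert 1 deny from <address>` land above the allow rules from the start, so no reordering is needed afterwards.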