
How to Fix UFW Deny Rule when it is not Blocking an IP Address

ufw (Uncomplicated Firewall) is a Linux command line tool for managing the Linux iptables firewall easily. It lets users manage firewall rules on a machine with simple commands such as ufw allow and ufw deny, which allow or block access from an IP address or subnet.

If you’ve been trying to block an IP address using ufw deny but it is not being blocked, that is probably because there is also a ufw allow rule for the same IP, and it takes precedence over the deny rule.

Let’s say you want to block IP/subnet 0.0.0.0/24 from accessing your machine. So you set a deny rule using the ufw deny command as follows:

sudo ufw deny from 0.0.0.0/24 to any

The above command should work perfectly under normal circumstances. However, if it’s not working as expected, you need to check whether there is an existing rule in the iptables rule set that allows the same IP to access your machine. If so, your system will give that rule priority over the deny rule, because it appears first in the rule set and the first matching rule wins.

To fix this issue, you need to prioritize the ufw deny rule over the other rules set for the same IP/subnet on your system. Run the following command:

sudo ufw insert 1 deny from 0.0.0.0/24 to any

The insert 1 part of the command above puts the rule at position 1 in the iptables rule set. Since ufw evaluates rules in order and stops at the first match, the deny rule is now prioritized over any other rule for the same IP.

Please be sure to replace 0.0.0.0/24 with the IP/subnet you want to block on your system.
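As an added example (not part of the original post), the script below checks the rule ordering problem described above by parsing the output of sudo ufw status numbered: it finds the first rule whose From column is the subnet you want to block and reports whether that rule is DENY or whether an earlier ALLOW shadows it. The status output is a constructed sample, and 203.0.113.0/24 is a documentation range standing in for the subnet to block.

```bash
#!/usr/bin/env bash
# Added example: detect an ALLOW rule that is matched before the DENY rule
# for a subnet in `ufw status numbered` output. Not code from the original post.

# Constructed sample: the broken state, where rule 2 allows 203.0.113.0/24
# and is matched before the deny rule at position 3.
SAMPLE_STATUS='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] Anywhere                   ALLOW IN    203.0.113.0/24
[ 3] Anywhere                   DENY IN     203.0.113.0/24'

# Constructed sample: the state after `sudo ufw insert 1 deny from 203.0.113.0/24 to any`.
FIXED_STATUS='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   DENY IN     203.0.113.0/24
[ 2] 22/tcp                     ALLOW IN    Anywhere
[ 3] Anywhere                   ALLOW IN    203.0.113.0/24'

# first_rule_for SUBNET  (reads status output on stdin)
# Prints "<index> <ACTION>" for the first numbered rule whose From column is
# SUBNET. ufw stops at the first matching rule, so this rule decides the verdict.
first_rule_for() {
    awk -v subnet="$1" '
        /^\[ *[0-9]+\]/ {
            line = $0
            sub(/^\[ */, "", line); sub(/\]/, "", line)   # "[ 2] ..." -> "2 ..."
            n = split(line, f, /[ \t]+/)                  # f[1]=index, f[3]=action, f[n]=from
            if (f[n] == subnet) { print f[1] " " f[3]; exit }
        }'
}

# deny_is_effective SUBNET  (reads status output on stdin)
# Exit 0 when the first matching rule is DENY, 1 when an ALLOW is matched
# first, 2 when no rule mentions SUBNET at all.
deny_is_effective() {
    case "$(first_rule_for "$1")" in
        *" DENY")  return 0 ;;
        *" ALLOW") return 1 ;;
        *)         return 2 ;;
    esac
}

if printf '%s\n' "$SAMPLE_STATUS" | deny_is_effective 203.0.113.0/24; then
    echo "deny rule is effective"
else
    echo "an earlier rule shadows the deny; fix: sudo ufw insert 1 deny from 203.0.113.0/24 to any"
fi
```

Run it against live output with `sudo ufw status numbered | first_rule_for <subnet>` to see which rule actually decides traffic from that subnet.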


🍻 Cheers!