Hello everybody,
I am learning to use UFW. I need to setup a firewall that does the following:
1) Allows files being sent via a LAN cable
2) Allows WLAN connection to gmail and other Google services
3) Blocks everything else
The number 1 seems to be easy (just "sudo ufw allow ssh"); number 3 can also be brute-forced
("sudo ufw deny out from any to any") [BTW why doesn't "sudo ufw deny out from 80 to any" work?]
The problem is number 2. Google uses the IP range 172.217.0.0-172.217.255.255, so I need to allow
all that. How is this done?
UFW: Blocking all internet but allowing Google
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
-
- Level 1
- Posts: 44
- Joined: Thu Dec 27, 2018 11:30 am
UFW: Blocking all internet but allowing Google
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: UFW: Blocking all internet but allowing Google
Hello MechWright and Welcome to Linux Mint Forums,
The easiest way would be to create rules for what you want to do. I use gufw which is the graphical front end for ufw. simply create a rule allowing those IP addresses to access the machine. Here a web page that may be of help: https://www.linux.com/learn/introductio ... rewall-ufw or from the command line this one: https://www.putorius.net/ufw-uncomplica ... asics.html Good Luck.
P.S. you may have to allow your router IP and Printer addresses also to get to the internet and to your printer if you have one.
The easiest way would be to create rules for what you want to do. I use gufw which is the graphical front end for ufw. simply create a rule allowing those IP addresses to access the machine. Here a web page that may be of help: https://www.linux.com/learn/introductio ... rewall-ufw or from the command line this one: https://www.putorius.net/ufw-uncomplica ... asics.html Good Luck.
P.S. you may have to allow your router IP and Printer addresses also to get to the internet and to your printer if you have one.
Easy tips : https://easylinuxtipsproject.blogspot.com/ Pjotr's Great Linux projects page.
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608
-
- Level 1
- Posts: 44
- Joined: Thu Dec 27, 2018 11:30 am
Re: UFW: Blocking all internet but allowing Google
Thanks for the reply kc1di,
however, I am familiar with the basic functionality of UFW; what I couldn't find even after scanning through numerous
UFW guides is HOW TO BLOCK OR ALLOW A BIG RANGE OF IP ADDRESSES, in my case, allow all the range Google
is using,
172.217.0.0 - 172.217.255.255,
i.e. 172.217.*.* in the language UFW understands.
however, I am familiar with the basic functionality of UFW; what I couldn't find even after scanning through numerous
UFW guides is HOW TO BLOCK OR ALLOW A BIG RANGE OF IP ADDRESSES, in my case, allow all the range Google
is using,
172.217.0.0 - 172.217.255.255,
i.e. 172.217.*.* in the language UFW understands.
Re: UFW: Blocking all internet but allowing Google
I figured you would want to let everything in but Google
Re: UFW: Blocking all internet but allowing Google
Easy tips : https://easylinuxtipsproject.blogspot.com/ Pjotr's Great Linux projects page.
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608
-
- Level 1
- Posts: 44
- Joined: Thu Dec 27, 2018 11:30 am
Re: UFW: Blocking all internet but allowing Google
Ok, how would you do that?figured you would want to let everything in but Google
Re: UFW: Blocking all internet but allowing Google
MechWright wrote: ⤴Mon Mar 11, 2019 6:54 am The problem is number 2. Google uses the IP range 172.217.0.0-172.217.255.255, so I need to allow
all that. How is this done?
172.217.0.0/16
should allow 172.217.0.0 - 172.217.255.255.-
- Level 1
- Posts: 44
- Joined: Thu Dec 27, 2018 11:30 am
Re: UFW: Blocking all internet but allowing Google
Sorry guys, need more help. Despite ~100 attempts, can't get this right.
sudo ufw deny out to any
sudo ufw allow in from 172.217.0.0/16
sudo ufw allow out to 172.217.0.0/16
seems to just block all the internet and doesn't allow me to access Google drive (which is the point of allowing Google).
What am I doing wrong?
sudo ufw deny out to any
sudo ufw allow in from 172.217.0.0/16
sudo ufw allow out to 172.217.0.0/16
seems to just block all the internet and doesn't allow me to access Google drive (which is the point of allowing Google).
What am I doing wrong?