There may be problems when suddenly there are complaints from the data center about scanning private networks, although you did not do it on purpose. We can block all private networks to solve this problem.
Ufw installation
First, you should check for ufw on your server.
Next, before enabling it, we should specify important settings to avoid losing access to services. Allow SSH, HTTP, HTTPS service ports.
That’s it. Let’s turn on our firewall.
Next we can check the status of the firewall team
Private network lock
Everything is fine! Now let’s move to blocking private networks.
These include:
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
100.64.0.0/10
Block them quite simply, we use the commands:
After addition, we can check the status of the rules again:
Now, if we try to access the private network address, we get an error. For example, through the command ping
:
You're done!
Unlock networks (if necessary)
Check the list of current ufw rules together with their numbering:
And now we can delete the necessary rule by command
For example, delete rule 7:
Now we have no restrictions when trying to re-address 198.18.22.62:
Thank you for familiarization! Now you know how to close (and open) access to your server to private networks using ufw.
Last updated