how to allow from IP?
oppianmatt opened this issue · comments
How does one enable a rule like:
ufw allow from 192.168.1.0/24
If I do a:
ufw_whitelisted_ipv4_addresses:
- { port: any, protocol: any, address: "192.168.1.0/24" }
That breaks ufw.
If I manually do it and inspect the user.rules file I get a:
### tuple ### allow any any 0.0.0.0/0 any 192.168.1.0/24 in
-A ufw-user-input -s 192.168.1.0/24 -j ACCEPT
But the template has:
{% for tuple in ufw_whitelisted_ipv4_addresses %}
### tuple ### allow {{ tuple.protocol }} {{ tuple.port }} 0.0.0.0/0 any {{ tuple.address }} in
-A ufw-user-input -p {{ tuple.protocol }} --dport {{ tuple.port }} -s {{ tuple.address }} -j ACCEPT
{% endfor %}
For now I have edited user.rules template to have:
{% for tuple in ufw_whitelisted_ipv4_addresses %}
### tuple ### allow {{ tuple.protocol }} {{ tuple.port }} 0.0.0.0/0 any {{ tuple.address }} in
-A ufw-user-input {% if tuple.protocol != 'any' %}-p {{ tuple.protocol }} {% endif %}{% if tuple.port != 'any' %}--dport {{ tuple.port }} {% endif %}-s {{ tuple.address }} -j ACCEPT
{% endfor %}
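The rule generation discussed above, written out in Python with input validation. This is an added example, not part of the original issue or the role's own code. `render_rules` is a hypothetical helper. It goes one step beyond the edited template by assuming that a port given with protocol `any` should expand to one tcp and one udp rule, because iptables only accepts `--dport` together with a protocol match such as `-p tcp` or `-p udp`.

```python
import ipaddress

# Protocols this sketch allows in combination with --dport (assumption of the example)
PORT_PROTOCOLS = ("tcp", "udp")


def render_rules(entry):
    """Return the user.rules lines for one ufw_whitelisted_ipv4_addresses entry."""
    protocol = str(entry.get("protocol", "any")).lower()
    port = str(entry.get("port", "any")).lower()

    # Reject malformed or over-broad input before it reaches the rules file:
    # strict=True refuses networks with host bits set (e.g. 192.168.1.5/24).
    network = ipaddress.IPv4Network(entry["address"], strict=True)

    if protocol != "any" and protocol not in PORT_PROTOCOLS:
        raise ValueError(f"unsupported protocol: {protocol!r}")
    if port != "any":
        if not (port.isascii() and port.isdigit() and 1 <= int(port) <= 65535):
            raise ValueError(f"invalid port: {port!r}")

    # Comment line in the format shown in the issue
    lines = [f"### tuple ### allow {protocol} {port} 0.0.0.0/0 any {network} in"]

    if port == "any":
        # No port: emit -p only when a concrete protocol was requested
        proto_match = "" if protocol == "any" else f"-p {protocol} "
        lines.append(f"-A ufw-user-input {proto_match}-s {network} -j ACCEPT")
    else:
        # --dport is only valid next to -p, so "any" becomes one rule per protocol
        protocols = PORT_PROTOCOLS if protocol == "any" else (protocol,)
        for proto in protocols:
            lines.append(
                f"-A ufw-user-input -p {proto} --dport {port} -s {network} -j ACCEPT"
            )
    return lines


if __name__ == "__main__":
    # Constructed sample entries, mirroring the variable from the issue
    samples = [
        {"port": "any", "protocol": "any", "address": "192.168.1.0/24"},
        {"port": 22, "protocol": "any", "address": "192.168.1.0/24"},
    ]
    for sample in samples:
        print("\n".join(render_rules(sample)))
```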