Gufw

Port ranges

Asked by sefs

Adding a port range say 5000 to 5100 seems flakey

It fills the rules pane with 1 rule for each of those ports so thats like 100 lines of rules.

Can it be more elegantly handled like how firestarter does it.

I say this because if you open lots of ranges you have to deal with lots and lots of lines in gufw rule pane.

Question information

Language:
English Edit question
Status:
Answered
For:
Gufw Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
costales (costales) said : 		#1

Hi!
This is a ufw question.
Best regards ;)

Revision history for this message
sefs (sefsinc) said : 		#2

What does that mean?

Revision history for this message
costales (costales) said : 		#3

Gufw is a GUI for ufw, ufw is a frontend for iptables.
ufw add rules in iptables, and ufw hasn't range ports.
Gufw give the range ports, with a loop of rules.

Revision history for this message
Vadim Peretokin (vperetokin) said : 		#4

It means that unfortunately gufw can't do anything about it. It depends on
ufw for all the work - and since ufw works like this, gufw does too.

Revision history for this message
Soul-Sing (soulzing) said : 		#5

our (that is marcos and vadim) goal was to provide a guide for ufw.

Revision history for this message
Jamie Strandboge (jdstrand) said : 		#6

ufw supports port ranges as of Ubuntu 8.10. From the man page:

         ufw allow proto tcp from any to any port 80,443,8080:8090

       This will allow all traffic to tcp ports 80, 443 and 8080-8090 inclu‐
       sive. Note that when specifying multiple ports, the ports list must be
       numeric, cannot contain spaces and must be modified as a whole. Eg, in
       the above example you cannot later try to delete just the ’443’ port.
       You cannot specify more than 15 ports (ranges count as 2 ports, so the
       port count in the above example is 4).

Can you help with this problem?

Provide an answer of your own, or ask sefs for more information if necessary.

To post a message you must log in.