Ubuntu ufw: set a rule on a per interface basis
I want to create a rule that allows anyone on eth1 to access port 80. Can UFW do this or should I go back to using Shorewall?
To clarify: this is a capabilities question, can ufw handle interfaces as a target?
I finally read the man page:
By default, ufw will apply rules to all available interfaces. To
limit this, specify DIRECTION on INTERFACE, where DIRECTION is
one of in or out (interface aliases are not supported). For
example, to allow all new incoming http connections on eth0,
use:
ufw allow in on eth0 to any port 80 proto tcp
To elaborate a little, the answer is yes, ufw can use the interface as a target. My particular rule looked like this:
ufw allow in on eth1 to [eth1 ip addr] port 80 proto tcp
Yes, if eth1 is just a normal interface with its own IP address (and that IP address is what you're trying to grant access to):
ufw allow from any to [eth1 ip addr] port 80
But if there's anything more complicated than that, then we need more info about how this system is set up.
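An added example, not part of either answer and not ufw code: a small model of how the two rule forms posted above select traffic, one on ingress interface plus destination address, the other on destination address only. The address 192.0.2.10 is a constructed stand-in for [eth1 ip addr], and the parser covers only the syntax that appears in this thread.

```python
from dataclasses import dataclass
from typing import Optional

ETH1_IP = "192.0.2.10"  # constructed sample address standing in for [eth1 ip addr]

@dataclass(frozen=True)
class Rule:
    in_iface: Optional[str] = None  # None: any interface
    dst_ip: Optional[str] = None    # None: any destination address
    dport: Optional[int] = None
    proto: Optional[str] = None     # None: both tcp and udp

def parse_rule(cmd: str) -> Rule:
    """Parse only the subset of ufw syntax that appears in this thread."""
    tok = cmd.split()
    if tok[:2] != ["ufw", "allow"]:
        raise ValueError("only 'ufw allow ...' is modelled")
    tok, fields = tok[2:], {}
    if tok[:2] == ["in", "on"] and len(tok) >= 3:
        if ":" in tok[2]:  # e.g. eth0:1; the man page says aliases are not supported
            raise ValueError("interface aliases are not supported")
        fields["in_iface"], tok = tok[2], tok[3:]
    if len(tok) % 2:
        raise ValueError("expected keyword/value pairs")
    for key, val in zip(tok[::2], tok[1::2]):
        if key == "from" and val == "any":
            continue
        elif key == "to":
            fields["dst_ip"] = None if val == "any" else val
        elif key == "port":
            fields["dport"] = int(val)
        elif key == "proto":
            fields["proto"] = val
        else:
            raise ValueError(f"not modelled: {key} {val}")
    return Rule(**fields)

def matches(rule, in_iface, dst_ip, dport, proto="tcp"):
    """True if a packet with these properties is covered by the rule."""
    return (rule.in_iface in (None, in_iface) and rule.dst_ip in (None, dst_ip)
            and rule.dport in (None, dport) and rule.proto in (None, proto))

by_iface = parse_rule(f"ufw allow in on eth1 to {ETH1_IP} port 80 proto tcp")
by_addr = parse_rule(f"ufw allow from any to {ETH1_IP} port 80")

if __name__ == "__main__":
    for iface, proto in [("eth1", "tcp"), ("eth0", "tcp"), ("eth1", "udp")]:
        print(iface, proto, "by_iface:", matches(by_iface, iface, ETH1_IP, 80, proto),
              "by_addr:", matches(by_addr, iface, ETH1_IP, 80, proto))
```

On a multi-homed host, `ufw status verbose` shows which of the two forms is actually loaded; only the `in on eth1` form ties the allowance to the interface the packet arrived on.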