UFW - allow range of IP addresees?
You need to use a binary number (2,4,8,16, 32) so either you use a bigger or a smaller range. Exactly 20 hosts just is not possible with a bitmask in a single rule:
-
16 hosts (192.168.1.16 to 192.168.1.31):
sudo ufw allow proto tcp from 192.168.1.16/28 to 192.168.1.48 port 80Details
Address: 192.168.1.16 11000000.10101000.00000001.0001 0000 Rule Mask: 255.255.255.240 = 28 11111111.11111111.11111111.1111 0000 Wildcard: 0.0.0.15 00000000.00000000.00000000.0000 1111 HostMin: 192.168.1.16 11000000.10101000.00000001.0001 0000 HostMax: 192.168.1.31 11000000.10101000.00000001.0000 1111 -
32 hosts (192.168.1.0 - 192.168.1.31)
sudo ufw allow proto tcp from 192.168.1.0/27 to 192.168.1.48 port 80Details
Address: 192.168.1.0 11000000.10101000.00000001.000 00000 Rule Mask: 255.255.255.224 = 27 11111111.11111111.11111111.111 00000 Wildcard: 0.0.0.31 00000000.00000000.00000000.000 11111 HostMin: 192.168.1.0 11000000.10101000.00000001.000 00000 HostMax: 192.168.1.31 11000000.10101000.00000001.000 11111 -
64 hosts (192.168.1.0 - 192.168.1.63)
sudo ufw allow proto tcp from 192.168.1.0/26 to 192.168.1.48 port 80Details
Address: 192.168.1.0 11000000.10101000.00000001.00 000000 Rule Mask: 255.255.255.192 = 26 11111111.11111111.11111111.11 000000 Wildcard: 0.0.0.63 00000000.00000000.00000000.00 111111 HostMin: 192.168.1.0 11000000.10101000.00000001.00 000000 HostMax: 192.168.1.63 11000000.10101000.00000001.00 111111
Explanation
I can't give a better explanation than wikipedia
Allow Incoming from Specific IP Address or Subnet To allow incoming connections from a specific IP address or subnet, specify the source. For example, run this command:
sudo ufw allow from 192.168.1.0/24 to any port 22
OR
sudo ufw allow from 192.168.1.0/24 to 192.168.1.48 port 80