3

Will UFW create the appropriate rules in both iptables and ip6tables?

edwinksl

1 Answer

7

It depends whether the rule you create is generic, such as

ufw allow 22/tcp

or is specific to one address family, such as

sudo ufw allow from 192.168.1.0/24 to any port 22 proto tcp

Ex.:

$ sudo ufw allow from 192.168.1.0/24 to any port 22 proto tcp
Rule added
$ sudo ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    192.168.1.0/24            

but

$ sudo ufw allow 22/tcp
Rule added
Rule added (v6)

$ sudo ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere                  
[ 2] 22/tcp (v6)                ALLOW IN    Anywhere (v6)             
steeldriver
  • 1
    Is it safe to remove the 22/tcp (v6)Anywhere rule along with the 22/tcp – Anywhere rule in order to lock down ssh access via port 22 to only one IP address? Or do I lock myself out, that way? Asking because as you show (and as it worked for me too), the command to allow only a specific IP only adds the 22/tcp<IP address>, not a 22/tcp (v6)<IP address> rule. – LinusG. Apr 22 '22 at 18:56
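
An added example, not part of the original answer or comment: a shell function that reads `ufw status numbered` output and reports ports where IPv4 access is limited to specific sources while an `Anywhere (v6)` rule still allows the same port over IPv6. The function names, the sample listing and its 80/tcp rules are constructed for illustration, and the parser assumes the column layout and `(v6)` markers shown in the listings above.

```shell
#!/usr/bin/env bash
# Added example: flag ports whose IPv4 rules are source-restricted while an
# "Anywhere (v6)" ALLOW rule still exposes them over IPv6.

# Reads `ufw status numbered` output on stdin, prints one line per gap.
ufw_family_gaps() {
    # Drop the "[ N]" rule number and trailing blanks, then split the
    # To / Action / From columns on runs of two or more spaces.
    sed -e 's/^\[ *[0-9]*\] *//' -e 's/[[:space:]]*$//' |
    awk -F'  +' '
        $2 ~ /^ALLOW/ {
            to = $1; from = $3
            # IPv6 rules carry the "(v6)" marker; a colon in the source
            # also means an IPv6 address (assumption for explicit sources).
            v6 = (to ~ /\(v6\)/ || from ~ /\(v6\)/ || from ~ /:/)
            sub(/ \(v6\)$/, "", to)
            if (v6) {
                if (from == "Anywhere (v6)") open6[to] = 1
            } else if (from == "Anywhere") {
                open4[to] = 1
            } else {
                limited4[to] = limited4[to] (limited4[to] == "" ? "" : ",") from
            }
        }
        END {
            for (to in open6)
                if (!(to in open4) && (to in limited4))
                    printf "%s: IPv4 limited to %s, IPv6 open to Anywhere\n", to, limited4[to]
        }'
}

# Constructed sample: 22/tcp restricted on IPv4 only, 80/tcp open on both.
sample_status() {
    cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    192.168.1.0/24
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 4] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

sample_status | ufw_family_gaps
```

On a live host the same check is `sudo ufw status numbered | ufw_family_gaps`; empty output means no port is open to all IPv6 sources while being source-restricted on IPv4.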