How to open DNS port 53 using ufw on Ubuntu/Debian Linux




How do I allow incoming DNS tcp/udp port 53 connections from a specific IP address or subnet on an Ubuntu or Debian Linux server using ufw? How can I open DNS port 53 using the ufw firewall?

Introduction: UFW is an acronym for uncomplicated firewall. It is used for managing a Linux firewall and aims to provide an easy-to-use interface for the user. In this tutorial, you will learn how to use UFW, a frontend to iptables, for opening incoming DNS connections on an Ubuntu Linux 16.04/18.04 LTS or Debian Linux server.

DNS stands for "Domain Name System." The DNS is a naming system for computers, servers and other network devices on the Internet. It is used for resolving hostnames to IP addresses or vice versa. For example, the hostname server1.cyberciti.biz has the IPv4 address 104.20.187.5 and the IPv6 address 2400:cb00:2048:1::6814:bb05. In other words, DNS is used for associating a domain name (such as cyberciti.biz) with an IP address (such as 104.20.187.5). It works like the "phone book" for the Internet, translating easy-to-remember computer or server names into IP addresses. DNS uses TCP and UDP port number 53.

Open DNS port 53 using ufw for all

The syntax is:

sudo ufw allow dns

OR

sudo ufw allow 53/tcp

sudo ufw allow 53/udp

OR add the comment:

sudo ufw allow 53/tcp comment 'Open port DNS tcp port 53'

sudo ufw allow 53/udp comment 'Open port DNS udp port 53'

If you are running DNS on TCP/UDP port # 5353, enter:

sudo ufw allow 5353/tcp

sudo ufw allow 5353/udp

How to allow incoming DNS queries from specific IP address using ufw

Type the following command:

sudo ufw allow from {IP_ADDRESS_HERE} to any port 53

sudo ufw allow from 192.168.2.254 to any port 53

How to allow incoming DNS queries from specific subnets using ufw

Enter the following command:

sudo ufw allow from {IP_SUB/net} to any port 53

sudo ufw allow from 192.168.2.0/24 to any port 53

sudo ufw allow from 192.168.2.0/24 to 192.168.2.18 port 53

How to check the status of open DNS ports

Use the ss command or netstat command as follows:

ss -tulpn

ss -tulpn | grep :53

netstat -tulpn

netstat -tulpn | grep :53



How to check the status of ufw for DNS port 53

Simply run the following command:

sudo ufw status

sudo ufw status numbered



You can also use the iptables command as follows to list all iptables rules and port opened by iptables:

sudo iptables -L -n -v | grep :53

sudo iptables -t filter -L INPUT -n -v | more
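
The following is an added example, not part of the original tutorial: a POSIX shell function that reads the output of sudo ufw status and lists the ALLOW rules that leave a port (53 by default) reachable from any source, as opposed to the per-IP and per-subnet rules shown earlier. The status text embedded in it is a constructed sample, and the function names sample_status and dns_open_to_all are hypothetical.

```shell
#!/bin/sh
# Constructed sample of "sudo ufw status" output (not captured from a real host).
sample_status() {
cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
53/tcp                     ALLOW       Anywhere                   # Open port DNS tcp port 53
53/udp                     ALLOW       Anywhere
53                         ALLOW       192.168.2.254
192.168.2.18 53            ALLOW       192.168.2.0/24
5353/udp                   ALLOW       Anywhere
53/udp (v6)                ALLOW       Anywhere (v6)
EOF
}

# dns_open_to_all [PORT]  (hypothetical helper name)
# Reads ufw status text on stdin and prints each ALLOW rule for PORT
# (default 53) whose From column is "Anywhere".
dns_open_to_all() {
    awk -v port="${1:-53}" '
    {
        sub(/[ \t]+#.*$/, "")                 # drop the trailing rule comment
        n = split($0, col, /[ \t][ \t]+/)     # columns are split by 2+ blanks
        if (n < 3 || col[2] !~ /^ALLOW/) next # skip headers and non-ALLOW rules
        to = col[1]
        sub(/ \(v6\)$/, "", to)               # "53/udp (v6)" -> "53/udp"
        m = split(to, tok, " ")               # "192.168.2.18 53" -> port is last
        p = tok[m]
        sub(/\/.*$/, "", p)                   # "53/tcp" -> "53"
        if (p "" == port "" && col[3] ~ /^Anywhere/) print
    }'
}

# On a live host: sudo ufw status | dns_open_to_all 53
sample_status | dns_open_to_all 53
```

Rules created from a ufw application profile are listed under the profile name rather than a port number, so this check does not match them.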

Conclusion

You have now learned how to open DNS port 53 using UFW on a Debian or Ubuntu Linux based system. For more info, see the UFW man page by typing the following man command or help page here:

man ufw

