Pi-Hole with Ubuntu and UFW

I have noticed sites loading slowly as it looks like the timeout for blocked content takes around 30 seconds. I am aware of using iptables to sort this out.

I did get this working on Ubuntu using iptables somehow; however, on reboot it stopped working and I am unable to get it working again by re-entering the rules. Since Ubuntu is using UFW and not iptables, I was wondering if anyone has a decent step-by-step guide for setting up these rules correctly with UFW. I have had a look around and tried a few things but no luck.

I used the following rules

iptables -A INPUT -p tcp --destination-port 443 -j REJECT --reject-with tcp-reset
iptables -A INPUT -p udp --destination-port 80 -j REJECT --reject-with icmp-port-unreachable
iptables -A INPUT -p udp --destination-port 443 -j REJECT --reject-with icmp-port-unreachable

ip6tables -A INPUT -p tcp --destination-port 443 -j REJECT --reject-with tcp-reset
ip6tables -A INPUT -p udp --destination-port 80 -j REJECT --reject-with icmp6-port-unreachable
ip6tables -A INPUT -p udp --destination-port 443 -j REJECT --reject-with icmp6-port-unreachable

Thanks for your assistance

I have figured out the issue, but it is not what I expected. Since the IP address of my Pi-hole server changed, the Pi-hole needed reconfiguring. So I ran pihole -r and that resolved the issue.

Also, I am not 100% sure, but I added this to /etc/ufw/after.rules and it seemed to work.

# Pi-Hole
-A ufw-after-input -p tcp --destination-port 443 -j REJECT --reject-with tcp-reset
-A ufw-after-input -p udp --destination-port 80 -j REJECT --reject-with icmp-port-unreachable
-A ufw-after-input -p udp --destination-port 443 -j REJECT --reject-with icmp-port-unreachable

and /etc/ufw/after6.rules

# Pi-Hole
-A ufw6-after-input -p tcp --destination-port 443 -j REJECT --reject-with tcp-reset
-A ufw6-after-input -p udp --destination-port 80 -j REJECT --reject-with icmp6-port-unreachable
-A ufw6-after-input -p udp --destination-port 443 -j REJECT --reject-with icmp6-port-unreachable

I hope that helps
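
An added example, not part of the thread: ufw's after.rules files use the iptables-restore format, so the rules above only take effect when they sit between the `*filter` line and its `COMMIT`. This sketch checks that placement; `check_rules` and `write_samples` are hypothetical helper names, and the sample files are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): verify that the three Pi-hole REJECT
# rules sit inside the *filter ... COMMIT block of a ufw after.rules-style file.
# Usage: check_rules /etc/ufw/after.rules  ufw-after-input
#        check_rules /etc/ufw/after6.rules ufw6-after-input
check_rules() {
    awk -v chain="$2" '
        BEGIN { want["tcp 443"] = 1; want["udp 80"] = 1; want["udp 443"] = 1 }
        /^\*filter/ { in_filter = 1; next }   # start of the filter table
        /^\*/       { in_filter = 0; next }   # some other table
        /^COMMIT/   { in_filter = 0; next }   # end of the current table
        /^[ \t]*#/  { next }                  # comment line
        $1 == "-A" && $2 == chain && /-j REJECT/ {
            proto = ""; port = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--destination-port" || $i == "--dport") port = $(i + 1)
            }
            key = proto " " port
            if (key in want) { if (in_filter) found[key] = 1; else stray[key] = 1 }
        }
        END {
            bad = 0
            for (k in want) if (!(k in found)) {
                bad = 1
                msg = (k in stray) ? "outside *filter/COMMIT: " : "missing: "
                print msg k
            }
            exit bad
        }' "$1"
}

# Constructed sample files: good.rules has the rules before COMMIT,
# bad.rules has them appended after COMMIT, outside the filter table.
write_samples() {
    rules='# Pi-Hole
-A ufw-after-input -p tcp --destination-port 443 -j REJECT --reject-with tcp-reset
-A ufw-after-input -p udp --destination-port 80 -j REJECT --reject-with icmp-port-unreachable
-A ufw-after-input -p udp --destination-port 443 -j REJECT --reject-with icmp-port-unreachable'
    printf '%s\n' '*filter' ':ufw-after-input - [0:0]' "$rules" 'COMMIT' > "$1/good.rules"
    printf '%s\n' '*filter' ':ufw-after-input - [0:0]' 'COMMIT' "$rules" > "$1/bad.rules"
}
```

The function prints nothing and returns 0 when all three rules are in place; otherwise it lists each rule that is missing or misplaced and returns 1.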
