What's the right syntax for covering a large range of IP addresses in a ufw/gufw rule?

raphaell · March 1, 2026, 10:40am

Ubuntu Version:
25.10 (minimal version of my flavor)

Desktop Environment (if applicable):
XFCE (minimal version of Xubuntu)

Problem Description:
Not really a problem. Just something I want to do.

I’d like to configure a firewall, preferably ufw but I might try using iptables instead, so that all the devices on my local network can do various specific forms of talking to each other, but it doesn’t affect how the firewall handles the outside internet.

Searches led me to results telling me that in the ufw syntax, you can cover a range of IP addresses by writing something like

192.168.1.0 / 19

which should apply a rule to everything from

192.168.1.0

to

192.168.1.19

But what would I write to cover the entire

192.168.x.x
range?

And, where does ufw/gufw keep its logs? I sometimes, when I try to add rules, get error messages telling me to see the logs for details, and I’d like to know where they are.

g-schick · March 1, 2026, 12:32pm

As far as I know you can match the range 192.168.x.x by using 192.168.0.0/16.
The number after the ‘/’ indicates how many bits from the left are unchangeable. The remaining 16 bits represent the range.

raphaell · March 1, 2026, 12:34pm

Oh, thank you! Then I had completely misunderstood what that last number is all about! No wonder I kept getting error messages.

system · March 2, 2026, 6:34am

This topic was automatically closed 18 hours after the last reply. New replies are no longer allowed.