How to open DNS port 53 using ufw on Ubuntu/Debian Linux

How do I allow incoming DNS tcp/udp port 53 connections from a specific IP address or subnet on an Ubuntu or Debian Linux server using ufw? How can I open DNS port 53 using the ufw firewall?

Introduction: UFW is an acronym for uncomplicated firewall. It is used for managing a Linux firewall and aims to provide an easy-to-use interface for the user. In this tutorial, you will learn how to use UFW, a frontend to iptables, for opening incoming DNS connections on an Ubuntu Linux 16.04/18.04 LTS or Debian Linux server.

What is DNS (Domain Name System)?

DNS stands for “Domain Name System.” The DNS is a naming system for computers, servers and other network devices on the Internet. It is used for resolving hostnames to IP addresses or vice versa. For e.g. hostname has IPv4 address and has IPv6 address 2400:cb00:2048:1::6814:bb05. In other words, DNS is used for associating a domain name (such as to an IP address (such as ). It works like the “phone book” for the Internet by translating easy-to-remember computer or server names into IP addresses. DNS uses TCP and UDP port number 53.

Open DNS port 53 using ufw for all

The syntax is:
sudo ufw allow dns
sudo ufw allow 53/tcp
sudo ufw allow 53/udp

Or add a comment to each rule:
sudo ufw allow 53/tcp comment 'Open port DNS tcp port 53'
sudo ufw allow 53/udp comment 'Open port DNS udp port 53'

If you are running DNS on TCP/UDP port # 5353, enter:
sudo ufw allow 5353/tcp
sudo ufw allow 5353/udp

How to allow incoming DNS queries from specific IP address using ufw

Type the following command:
sudo ufw allow from {IP_ADDRESS_HERE} to any port 53
sudo ufw allow from to any port 53

How to allow incoming DNS queries from specific subnets using ufw

Enter the following command:
sudo ufw allow from {IP_SUB/net} to any port 53
sudo ufw allow from to any port 53
sudo ufw allow from to port 53

How to check the status of open DNS ports

Use the ss command or netstat command as follows:
ss -tulpn
ss -tulpn | grep :53
netstat -tulpn
netstat -tulpn | grep :53

How to check the status of ufw for DNS port 53

Simply run the following command:
sudo ufw status
sudo ufw status numbered

You can also use the iptables command as follows to list all iptables rules and the ports opened by iptables:
sudo iptables -L -n -v | grep :53
sudo iptables -t filter -L INPUT -n -v | more
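
An added example, not part of the original tutorial: the rules in the "for all" section accept DNS queries from any source, while the from-based rules limit them to named addresses. This script reads ufw status output and lists the ALLOW rules on port 53 whose source is Anywhere. The function names and the sample output (including 192.168.1.0/24) are constructed for illustration.

```shell
#!/bin/sh
# Added example: list ufw ALLOW rules for a DNS port whose source is unrestricted.
# On a real host: sudo ufw status | dns_rules_open_to_all [port]

# Reads `ufw status` text on stdin. Prints "<port[/proto]> <ipv4|ipv6>" for each
# ALLOW rule on the given port (default 53) that accepts traffic from Anywhere.
dns_rules_open_to_all() {
    awk -v port="${1:-53}" '
    {
        sub(/#.*/, "")                      # drop the rule comment, if any
        fam = ($0 ~ /\(v6\)/) ? "ipv6" : "ipv4"
        gsub(/\(v6\)/, "")                  # remove IPv6 markers so fields line up
        a = 0
        for (i = 1; i <= NF; i++) if ($i == "ALLOW") { a = i; break }
        if (a < 2) next                     # header, blank line, or non-ALLOW rule
        to = $(a - 1)                       # port is the last field before ALLOW
        s = a + 1
        if ($s == "IN") s++                 # "ALLOW IN" appears in verbose output
        if (to ~ ("^" port "(/(tcp|udp))?$") && $s == "Anywhere")
            print to, fam
    }'
}

# Constructed sample of `ufw status` output (not captured from a real host).
sample_ufw_status() {
    cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
53/tcp                     ALLOW       Anywhere                   # Open port DNS tcp port 53
53/udp                     ALLOW       Anywhere                   # Open port DNS udp port 53
53                         ALLOW       192.168.1.0/24
5353/udp                   ALLOW       Anywhere
53/tcp (v6)                ALLOW       Anywhere (v6)
EOF
}

# Run against the sample; rules restricted to a subnet are not listed.
sample_ufw_status | dns_rules_open_to_all
```

An empty result means every port 53 rule names a source; any line printed is a rule to review if the server should answer only known clients.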


And there you have it: you just learned how to open DNS port 53 using UFW on a Debian or Ubuntu Linux based system. For more info, see the UFW man page by typing the following man command or help page here:
man ufw


Posted by: SXI ADMIN

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting.

