How to open DNS port 53 using ufw on Ubuntu/Debian Linux

How do I allow incoming DNS tcp/udp port 53 connections from a specific IP address or subnet on a Ubuntu or Debian Linux server using ufw? How can I open DNS port 53 using ufw firewall?

Introduction: UFW is an acronym for uncomplicated firewall. It is used for managing a Linux firewall and aims to provide an easy to use interface for the user. In this tutorial, you will learn how to use UFW a frontend to iptables for opening incoming SSH connection on Ubuntu Linux 16.04/18.04 LTS or Debian Linux server.

What is DNS (Domain Name Service)?

DNS stands for “Domain Name System.” The DNS is a naming system for computers, servers and other network devices over the Internet. It used for resolving hostnames to IP addresses or vice versa. For e.g. hostname has IPv4 address and has IPv6 address 2400:cb00:2048:1::6814:bb05. In other words, DNS used for associating a domain name (such as to an IP address (such as ). It just works like the “phone book” for the Internet by easily remember computer or server names into IP addresses. DNS uses TCP and UDP port number 53.

open DNS port 53 using ufw for all

The syntax is:
sudo ufw allow dns
sudo ufw allow 53/tcp
sudo ufw allow 53/udp

OR add the comment:
sudo ufw allow 53/tcp comment 'Open port DNS tcp port 53'
sudo ufw allow 53/udp comment 'Open port DNS udp port 53'

If you are running DNS on TCP/UDP port # 5353, enter:
sudo ufw allow 5353/tcp
sudo ufw allow 5353/udp

How to allow incoming DNS queries from specific IP address using ufw

Type the following command:
sudo ufw allow from {IP_ADDRESS_HERE} to any port 53
sudo ufw allow from to any port 53

How to allow incoming DNS queries from specific subnets using ufw

Enter the following command:
sudo ufw allow from {IP_SUB/net} to any port 53
sudo ufw allow from to any port 53
sudo ufw allow from to port 53

How to check the status of open DNS ports

Use the ss command or netstat command as follows:
ss -tulpn
ss -tulpn | grep :53
netstat -tulpn
netstat -tulpn | grep :53

How to check the status of ufw for DNS port 53

Simply run the following command:
sudo ufw status
sudo ufw status numbered

You can also use the iptables command as follows to list all iptables rules and port opened by iptables:
sudo iptables -L -n -v | grep :53
sudp iptable -t filter -L INPUT -n -v | more


And there you have it, and you just learned how to open DNS port 53 using UFW running on a Debian or Ubuntu Linux based system. For more info see the UFW man page by typing the following man command or help page here:
man ufw

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 0 comments... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
0 comments… add one

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum