# No interaction with private networks

There may be problems when suddenly there are complaints from the data center about scanning private networks, although you did not do it on purpose. We can block all private networks to solve this problem.

## Ufw installation

First, you should check for **ufw** on your server.

```
sudo apt install ufw
```

<figure><img src="/files/4n0h9k3dlKwjyLaRd2du" alt=""><figcaption></figcaption></figure>

Next, before enabling it, we should specify important settings to avoid losing access to services. Allow **SSH, HTTP, HTTPS** service ports.

```
sudo ufw allow 22
sudo ufw allow 80
sudo ufw allow 443
```

That’s it. Let’s turn on our firewall.

```
sudo ufw enable
```

<figure><img src="/files/jcrczQJ99uTAoQV2FKhq" alt=""><figcaption></figcaption></figure>

Next we can check the status of the firewall team

```
sudo ufw status
```

<figure><img src="/files/7tXnEYNuprtttBgVpIQ5" alt=""><figcaption></figcaption></figure>

## Private network lock

Everything is fine! Now let’s move to blocking private networks.

{% hint style="info" %}
These include:

* 10.0.0.0/8&#x20;
* 172.16.0.0/12&#x20;
* 192.168.0.0/16&#x20;
* 100.64.0.0/10
  {% endhint %}

Block them quite simply, we use the commands:

```
sudo ufw deny out from any to 10.0.0.0/8
sudo ufw deny out from any to 172.16.0.0/12
sudo ufw deny out from any to 192.168.0.0/16
sudo ufw deny out from any to 100.64.0.0/10
sudo ufw deny out from any to 198.18.0.0/15
sudo ufw deny out from any to 169.254.0.0/16
```

After addition, we can check the status of the rules again:

```
sudo ufw status

# Либо при помощи iptables:
iptables-save
```

<figure><img src="/files/Rr3LXx1ewQ4P9Dcy5glG" alt=""><figcaption></figcaption></figure>

Now, if we try to access the private network address, we get an error. For example, through the command `ping`:

```
ping 198.18.22.62
```

<figure><img src="/files/av4sWCw9Phf8kqWoving" alt=""><figcaption></figcaption></figure>

You're done!

## Unlock networks (if necessary)

Check the list of current **ufw** rules together with their numbering:

```
sudo ufw status numbered
```

<figure><img src="/files/WVw4gHFvl0jezSOopN7Q" alt=""><figcaption></figcaption></figure>

And now we can delete the necessary rule by command

```
sudo ufw delete <номер правила>
```

For example, delete rule 7:

```
sudo ufw delete 7
```

<figure><img src="/files/KePjCAkLSzp93WR9WdCH" alt=""><figcaption></figcaption></figure>

Now we have no restrictions when trying to re-address 198.18.22.62:

<figure><img src="/files/e19C7ZCMfSAnpx2AU3pu" alt=""><figcaption></figcaption></figure>

Thank you for familiarization! Now you know how to close (and open) access to your server to private networks using **ufw**.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://spacecore.gitbook.io/wiki/en/network-and-security-configuration/prohibiting-interaction-with-private-networks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.