How do I stop someone from sending data to port 111?

So lately I've found a sudden increase in data from my VM mostly because of packets being sent from random ports to port 111.

I'm using UFW as a firewall (because it's easy) and have blocked port 111.

I have also added:

-A INPUT -s 103.250.4.0/24 -j DROP
-A OUTPUT -s 103.250.4.0/24 -j DROP
-A INPUT -p udp --dport 111 -j DROP

…to iptables; however, I'm still seeing the IP connected and sending data. Is there a way of fully blocking this?

2 Replies

Hey there,

Just to cover all of the bases, let's start from the top:

I would make sure you have the UFW rule in place; you can achieve this by adding the rule as shown below:

sudo ufw deny 111

Then you can confirm that the rule is in place by running:

sudo ufw status

You can also turn UFW logging on so you can test to see if it is blocking the connections to that port:

sudo ufw logging on

The UFW logs should be stored here:

/var/logs/ufw

A quick test could be a simple nmap to that port:

nmap -p111 $ipaddress

If that doesn't work, then you could try iptables. From the commands you've added above, it appears that you're only blocking UDP traffic to port 111; you may want to also block TCP unless you're using it for another service:

sudo iptables -A INPUT -p tcp --destination-port 111 -j DROP
sudo iptables -A INPUT -p udp --destination-port 111 -j DROP

I can't think of any reason why those rules wouldn't work, unless there is another service overwriting those rules, so you may want to take a look to ensure there is no other firewall software installed on your Linode. You may also want to try to flush your rules and start fresh; here are the commands for both UFW and iptables:

sudo ufw disable
sudo iptables -F

Here are some guides with some good UFW/iptables instructions:
https://www.linode.com/docs/security/firewalls/configure-firewall-with-ufw/
https://www.linode.com/docs/security/firewalls/control-network-traffic-with-iptables/

I hope that helps!
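
To read what the logging step above records, here is an added example (not part of the original reply) that tallies UFW log entries for one destination port by action, protocol and source. The log lines are constructed with documentation-range addresses, and the function names `sample_log` and `summarize_port` are made up for the illustration.

```shell
#!/usr/bin/env bash
# Added example: summarise UFW kernel-log entries for one destination port.

# Constructed sample log lines (not taken from the thread).
sample_log() {
cat <<'EOF'
Mar  3 10:15:01 vm kernel: [1001.100000] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:00:00:00:00 SRC=198.51.100.7 DST=192.0.2.10 LEN=68 TOS=0x00 PREC=0x00 TTL=52 ID=4112 PROTO=UDP SPT=40211 DPT=111 LEN=48
Mar  3 10:15:02 vm kernel: [1002.200000] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:00:00:00:00 SRC=198.51.100.7 DST=192.0.2.10 LEN=68 TOS=0x00 PREC=0x00 TTL=52 ID=4113 PROTO=UDP SPT=40212 DPT=111 LEN=48
Mar  3 10:15:03 vm kernel: [1003.300000] [UFW ALLOW] IN=eth0 OUT= MAC=00:00:00:00:00:00 SRC=198.51.100.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4114 DF PROTO=TCP SPT=51000 DPT=111 WINDOW=29200 RES=0x00 SYN URGP=0
Mar  3 10:15:04 vm kernel: [1004.400000] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:00:00:00:00 SRC=203.0.113.9 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=9001 DF PROTO=TCP SPT=33000 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
EOF
}

# summarize_port PORT  (log on stdin)
# Prints one line per combination: ACTION PROTO SOURCE COUNT
summarize_port() {
    awk -v port="$1" '
    /\[UFW / {
        action = ""; proto = ""; src = ""; dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "[UFW") {            # "[UFW BLOCK]" splits into two fields
                action = $(i + 1)
                sub(/\]$/, "", action)
            }
            else if ($i ~ /^SRC=/)   src   = substr($i, 5)
            else if ($i ~ /^PROTO=/) proto = substr($i, 7)
            else if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        # Entries without a DPT field (e.g. ICMP) never match a port.
        if (dpt == port) count[action " " proto " " src]++
    }
    END { for (k in count) print k, count[k] }' | LC_ALL=C sort
}

# Stand-alone run against the constructed sample.
sample_log | summarize_port 111
```

Pipe your own UFW log into `summarize_port 111` in place of `sample_log`; an ALLOW line for TCP next to BLOCK lines for UDP matches the UDP-only rule the reply points out.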

I think I've fixed the problem but seeing traffic levels have returned to somewhat normal. The incoming 'pings' are still happening. Hopefully they will get no result after a while and just go away.

Thanks for your advice.
