phares3757/notes-infineon
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
notes-infineon/_-Review/ufw.md
Mike Phares a6071a4073 2024-06-03
2024-06-03 07:04:29 -07:00

2.8 KiB
Raw Permalink Blame History

type, created, updated
type created updated
topic 2024-04-08T05:03:29.762Z 2024-04-14T00:50:25.358Z

Linux Firewall (ufw)

Ubuntu

sudo -i
ufw reset
ufw allow from 192.168.0.0/24 to any port 22 comment "01) SSH"
ufw allow to 0.0.0.0/0 port 80 comment "02) HTTP"
ufw allow to 0.0.0.0/0 port 443 comment "03) HTTPS"
ufw allow to 0.0.0.0/0 port 9418 comment "04) Git"
ufw allow from 192.168.0.0/24 to any port 8005 comment "05) Pi-hole"
ufw allow from 192.168.0.0/24 to any port 8006 comment "06) Ajenti"
ufw allow from 192.168.0.0/24 to any port 8007 comment "07) code-server"
ufw allow from 192.168.0.0/24 to any port 8008 comment "08) Nginx"
ufw allow from 192.168.0.0/24 to any port 5002 comment "09) BaGet"
ufw allow to 0.0.0.0/0 port 5000 comment "10) .netCore"
ufw allow to 0.0.0.0/0 port 5001 comment "11) .netCore"
ufw allow from 192.168.0.0/24 to any port 53 comment "12) DNS"
ufw allow from 192.168.0.0/24 to any port 67 comment "13) Unknown"
ufw allow from 192.168.0.0/24 to any port 9654 comment "14) barcode-server"
ufw allow from 192.168.0.0/24 to any port 8009 comment "15) barcode-server-statistics"
ufw allow from 0.0.0.0/0 to any port 9400 comment "16) dashkiosk"
ufw delete 16
ufw allow from 0.0.0.0/0 to any port 8010 comment "16) Test"
ufw allow from 0.0.0.0/0 to any port 5052 comment "17) NGINdeX.io"
ufw allow from 0.0.0.0/0 to any port 3000 comment "18) gogs"
ufw allow from 0.0.0.0/0 to any port 4001 comment "19) gogs"
ufw delete 19
ufw allow from 192.168.0.0/24 to any port 4001 comment "19) photoview api"
ufw allow from 192.168.0.0/24 to any port 1234 comment "20) photoview ui"
ufw allow from 192.168.0.0/24 to any port 3306 comment "21) mysql"
ufw allow from 192.168.0.0/24 to any port 8011 comment "22) syncthing"
ufw allow from 0.0.0.0/0 to any port 5201 comment "23) iperf3"
ufw allow from 0.0.0.0/0 to any port 5003 comment "24) Barcode-Host"
ufw status numbered
ufw enable
ufw allow from 0.0.0.0/0 to any port 8080 comment "24) acme-challenge"

ufw reset
ufw allow from 192.168.0.0/26 to any port 22 comment "01) SSH"
ufw allow to 0.0.0.0/0 port 80 comment "02) HTTP"
ufw allow to 0.0.0.0/0 port 443 comment "03) HTTPS"
ufw allow 53/tcp comment "04) DNS TCP"
ufw allow 53/udp comment "05) DNS UDP"
ufw allow 67/tcp comment "06) DHCP TCP"
ufw allow 67/udp comment "07) DHCP UDP"
ufw allow from 192.168.11.0/25 to any port 22 comment "08) SSH"
ufw allow from 192.168.21.0/25 to any port 22 comment "09) SSH"
ufw allow from 192.168.31.0/25 to any port 22 comment "10) SSH"
ufw allow from 192.168.41.0/25 to any port 22 comment "11) SSH"
ufw allow from 192.168.42.0/25 to any port 22 comment "12) SSH"
ufw allow from 192.168.43.0/25 to any port 22 comment "13) SSH"
ufw allow to 0.0.0.0/0 port 22 comment "14) SSH"
ufw enable
ufw status numbered