---
status: "4-Done"
type: "kanbn"
created: "2024-01-06T01:22:07.430Z"
updated: "2024-01-06T01:22:07.430Z"
---

# configure-ufw

```bash
sudo -i
ufw allow from 192.168.0.0/24 to any port 22 comment "01) SSH"
ufw allow to 0.0.0.0/0 port 80 comment "02) HTTP"
ufw allow to 0.0.0.0/0 port 443 comment "03) HTTPS"
ufw allow to 0.0.0.0/0 port 9418 comment "04) Git"
ufw allow from 192.168.0.0/24 to any port 8005 comment "05) Pi-hole"
ufw allow from 192.168.0.0/24 to any port 8006 comment "06) Ajenti"
ufw allow from 192.168.0.0/24 to any port 8007 comment "07) code-server"
ufw allow from 192.168.0.0/24 to any port 8008 comment "08) Nginx"
ufw allow from 192.168.0.0/24 to any port 5002 comment "09) BaGet"
ufw allow to 0.0.0.0/0 port 5000 comment "10) .netCore"
ufw allow to 0.0.0.0/0 port 5001 comment "11) .netCore"
ufw allow from 192.168.0.0/24 to any port 53 comment "12) DNS"
ufw allow from 192.168.0.0/24 to any port 67 comment "13) Unknown"
ufw allow from 192.168.0.0/24 to any port 9654 comment "14) barcode-server"
ufw allow from 192.168.0.0/24 to any port 8009 comment "15) barcode-server-statistics"
ufw allow from 0.0.0.0/0 to any port 9400 comment "16) dashkiosk"
ufw delete 16
ufw allow from 0.0.0.0/0 to any port 8010 comment "16) Test"
ufw allow from 0.0.0.0/0 to any port 5052 comment "17) NGINdeX.io"
ufw allow from 0.0.0.0/0 to any port 3000 comment "18) gogs"
ufw allow from 0.0.0.0/0 to any port 4001 comment "19) gogs"
ufw delete 19
ufw allow from 192.168.0.0/24 to any port 4001 comment "19) photoview api"
ufw allow from 192.168.0.0/24 to any port 1234 comment "20) photoview ui"
ufw allow from 192.168.0.0/24 to any port 3306 comment "21) mysql"
ufw allow from 192.168.0.0/24 to any port 8011 comment "22) syncthing"
ufw allow from 0.0.0.0/0 to any port 5201 comment "23) iperf3"
ufw enable
ufw status numbered
ufw disable
```

```conf
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22                         ALLOW IN    192.168.0.0/24             # 01) SSH
[ 2] 80                         ALLOW IN    Anywhere                   # 02) HTTP
[ 3] 443                        ALLOW IN    Anywhere                   # 03) HTTPS
[ 4] 9418                       ALLOW IN    Anywhere                   # 04) Git
[ 5] 8005                       ALLOW IN    192.168.0.0/24             # 05) Pi-hole
[ 6] 8006                       ALLOW IN    192.168.0.0/24             # 06) Ajenti
[ 7] 8007                       ALLOW IN    192.168.0.0/24             # 07) code-server
[ 8] 8008                       ALLOW IN    192.168.0.0/24             # 08) Nginx
[ 9] 5002                       ALLOW IN    192.168.0.0/24             # 09) BaGet
[10] 5000                       ALLOW IN    Anywhere                   # 10) .netCore
[11] 5001                       ALLOW IN    Anywhere                   # 11) .netCore
[12] 53                         ALLOW IN    192.168.0.0/24             # 12) DNS
[13] 67                         ALLOW IN    192.168.0.0/24             # 13) Unknown
[14] 9654                       ALLOW IN    192.168.0.0/24             # 14) barcode-server
[15] 8009                       ALLOW IN    192.168.0.0/24             # 15) barcode-server-statistics
[16] 8010                       ALLOW IN    Anywhere                   # 16) Test
[17] 5052                       ALLOW IN    Anywhere                   # 17) NGINdeX.io
[18] 3000                       ALLOW IN    Anywhere                   # 18) gogs
[19] 4001                       ALLOW IN    192.168.0.0/24             # 19) photoview api
[20] 1234                       ALLOW IN    192.168.0.0/24             # 20) photoview ui
[21] 3306                       ALLOW IN    192.168.0.0/24             # 21) mysql
[22] 8011                       ALLOW IN    192.168.0.0/24             # 22) syncthing
[23] 5201                       ALLOW IN    Anywhere                   # 23) iperf3
```

## Sub-tasks

- [x] phares3757
- [x] unity4
- [x] unity5