Difference between revisions of "Firewall"

From Blue-IT.org Wiki

(Easy setup)
(Ubuntu ufw)
Line 1: Line 1:
 
== Ubuntu ufw ==
 
== Ubuntu ufw ==
 +
Generally check status with
 +
sudo ufw status verbose
 +
 
=== Ggufw ===
 
=== Ggufw ===
 
With single IP
 
With single IP
Line 16: Line 19:
 
  sudo ufw allow Samba
 
  sudo ufw allow Samba
 
or
 
or
  sudo ufw allow from any app Samba to "192.168.0.1"
+
  sudo ufw allow from any app Samba to 192.168.0.1
 +
sudo ufw allow from 192.168.1.0/24 to any app samba
  
 
==== Special setup ====
 
==== Special setup ====
Line 34: Line 38:
 
Avahi / bonjour /zeroconf
 
Avahi / bonjour /zeroconf
 
  sudo ufw allow proto udp to any port 5353 from 192.168.0.0/16
 
  sudo ufw allow proto udp to any port 5353 from 192.168.0.0/16
 +
 +
=== Cups ===
 +
sudo ufw allow from 192.168.1.0/24 to any app cups

Revision as of 13:02, 27 February 2011

Ubuntu ufw

Generally check status with

sudo ufw status verbose

Ggufw

With single IP

Regel hinzufügen 002.png

With IP range

Regel hinzufügen 003.png

Qsynergy

sudo ufw allow proto tcp to any port 24800 from 192.168.0.0/16

Samba

Easy setup

sudo ufw allow Samba

or

sudo ufw allow from any app Samba to 192.168.0.1
sudo ufw allow from 192.168.1.0/24 to any app samba

Special setup

Alter the ufw configuration file

gedit /etc/default/ufw
# The nf_contrack_netbios_ns has been added
IPT_MODULES="nf_conntrack_ftp nf_nat_ftp nf_conntrack_irc nf_nat_irc nf_conntrack_netbios_ns"

Samba

sudo ufw allow proto tcp to any port 135 from 192.168.0.0/16
sudo ufw allow proto udp to any port 137 from 192.168.0.0/16
sudo ufw allow proto udp to any port 138 from 192.168.0.0/16
sudo ufw allow proto tcp to any port 139 from 192.168.0.0/16
sudo ufw allow proto tcp to any port 445 from 192.168.0.0/16

Avahi / bonjour /zeroconf

sudo ufw allow proto udp to any port 5353 from 192.168.0.0/16

Cups

sudo ufw allow from 192.168.1.0/24 to any app cups