Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- ##########################################################
- # Because otherwise this is a pain
- ##########################################################
- echo "Did you run this script with sudo privileges? If not, Ctrl-C."
- echo "Otherwise, press any key to continue."
- read
- sudo ufw disable
- ##########################################################
- # To reset
- ##########################################################
- echo y | sudo ufw reset
- # To delete a rule, add the word delete after ufw, which means you can
- # script dynamic rule changing fairly easily.
- ##########################################################
- # Internet Exposed Apps
- ##########################################################
- sudo ufw allow Crashplan
- sudo ufw allow Deluge
- #sudo ufw allow Icecast
- sudo ufw allow BTSync
- ##########################################################
- # LAN System Apps
- ##########################################################
- # FTP - it's a service, so no app profile
- sudo ufw allow proto tcp from 192.168.1.0/24 to any port 20
- sudo ufw allow proto tcp from 192.168.1.0/24 to any port 21
- # WakeOnLan
- sudo ufw allow from 192.168.1.0/24 to any port 9
- sudo ufw allow from 192.168.1.0/24 to any app CUPS
- ##########################################################
- # And close up everything else
- # This is last because UFW evaluates from top to bottom. ALWAYS.
- # So if you put these first (as some guides have you do) or worse,
- # put "deny in to any" as your first rule, then you're borked.
- # Putting your DEFAULTS like this, though, means they're evaluated last,
- # which is our desired behavior - and lets us add rules later easily.
- ##########################################################
- sudo ufw default reject incoming
- sudo ufw default allow outgoing
- sudo ufw enable
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement