METHOD 1: IPTABLES
iptables -A INPUT -p tcp -m tcp --dport 389 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 389 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 636 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 636 -m state --state NEW,ESTABLISHED -j ACCEPT
Enabling the FTP port
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
Enabling the SSH port
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
web shell
iptables -A INPUT -p tcp --dport 12320 -j ACCEPT
webmin
iptables -A INPUT -p tcp --dport 10000 -j ACCEPT
Making Changes permanent
$ sudo apt-get install iptables-persistent
During installation the package asks whether to save the current IPv4 and IPv6 rules. Use dpkg-reconfigure to execute this step later.
$ sudo dpkg-reconfigure iptables-persistent
Ensure that netfilter-persistent will be enabled at boot.
$ sudo systemctl enable netfilter-persistent
Change the FLUSH_ON_STOP variable in the /etc/default/netfilter-persistent configuration file to flush firewall rules when the service is stopped. This step is not necessary if you want the default behaviour.
$ cat /etc/default/netfilter-persistent
# Configuration for netfilter-persistent
# Plugins may extend this file or have their own
FLUSH_ON_STOP=0
IPv4 firewall rules are not saved automatically on system shutdown. Use the following command to update these.
$ sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
IPv6 firewall rules are not saved automatically on system shutdown. Use the following command to update these.
$ sudo sh -c 'ip6tables-save > /etc/iptables/rules.v6'
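Added example (not part of the original paste): the Method 1 commands only append ACCEPT rules and never set the INPUT policy, so it is worth checking what the saved file actually enforces. The script below reads an iptables-save dump and reports the filter-table INPUT policy and the accepted ports. The sample dump is constructed, and counting only an unconditional -j DROP/REJECT rule as a catch-all is a simplifying assumption.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump (such as /etc/iptables/rules.v4).

# Constructed sample: what iptables-save would emit after the Method 1 commands
# on a host whose INPUT policy was never changed from the default ACCEPT.
sample_rules_v4() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 389 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --dport 389 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 636 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --dport 636 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 12320 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
COMMIT
EOF
}

# Reads a dump on stdin; prints policy=, one open=proto/port per ACCEPT rule,
# and verdict=default-allow when nothing in the filter table blocks other traffic.
audit_input_chain() {
    awk '
        /^\*/ { table = substr($0, 2) }            # "*filter", "*nat", ...
        table != "filter" { next }
        /^:INPUT / { policy = $2 }                 # ":INPUT ACCEPT [0:0]"
        /^-A INPUT -j (DROP|REJECT)( |$)/ { catchall = 1 }
        /^-A INPUT / {
            proto = ""; port = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") port   = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (target == "ACCEPT" && port != "") ports[++n] = proto "/" port
        }
        END {
            print "policy=" policy
            for (i = 1; i <= n; i++) print "open=" ports[i]
            if (policy == "") print "verdict=unknown"
            else if (policy == "ACCEPT" && !catchall) print "verdict=default-allow"
            else print "verdict=default-deny"
        }'
}

sample_rules_v4 | audit_input_chain
```

On a real host, run it as: audit_input_chain < /etc/iptables/rules.v4. A default-allow verdict means the listed ACCEPT rules filter nothing, because every other port is accepted by the chain policy as well.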
METHOD 2: UFW
sudo apt install ufw
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 389
sudo ufw allow 636
sudo ufw allow ssh
sudo ufw allow ftp
sudo ufw enable