mirror of
https://github.com/basecamp/omarchy.git
synced 2025-07-27 20:29:24 +00:00
Install and enable ufw firewall by default
Gotta be safe out there!
This commit is contained in:
David Heinemeier Hansson
23
install/firewall.sh
Normal file
23
install/firewall.sh
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
if ! command -v ufw &>/dev/null; then
|
||||||
|
yay -Sy --noconfirm --needed ufw ufw-docker
|
||||||
|
|
||||||
|
# Allow nothing in, everything out
|
||||||
|
sudo ufw default deny incoming
|
||||||
|
sudo ufw default allow outgoing
|
||||||
|
|
||||||
|
# Allow ports for LocalSend
|
||||||
|
sudo ufw allow 53317/udp
|
||||||
|
sudo ufw allow 53317/tcp
|
||||||
|
|
||||||
|
# Allow SSH in
|
||||||
|
sudo ufw allow 22/tcp
|
||||||
|
|
||||||
|
# Allow Docker containers to use DNS on host
|
||||||
|
sudo ufw allow in on docker0 to any port 53
|
||||||
|
|
||||||
|
# Turn on the firewall
|
||||||
|
sudo ufw enable
|
||||||
|
sudo ufw reload
|
||||||
|
fi
|
||||||
Reference in New Issue
Block a user