Answered: Firewall linux (Ubuntu 14.04)

alrwady

Junior Member
Hi,
I want to prevent a connection from being established without the VPN. So I installed ufw (uncomplicated firewall) and found the following script:

ufw.sh
#!/bin/bash
# Reset the ufw config
ufw --force reset
# let all incoming traffic pass
ufw default allow incoming
# and block outgoing by default
ufw default deny outgoing
# Every communication via VPN is considered to be safe
ufw allow out on tun0
# Don't block the creation of the VPN tunnel
ufw allow out 1149
# Don't block DNS queries
ufw allow out 53
# Allow local IPv4 connections
ufw allow out to 10.0.0.0/8
ufw allow out to 172.16.0.0/12
ufw allow out to 192.168.0.0/16
# Enable the firewall
ufw enable

I wanted to know whether this is OK as it is.
 
Solution
Yes, it all looks fine.
But I would also add multicast and IPv6.

Code:
# Allow IPv4 local multicasts
ufw allow out to 224.0.0.0/24
ufw allow out to 239.0.0.0/8

# Allow local IPv6 connections
ufw allow out to fe80::/64
# Allow IPv6 interface-local multicasts
ufw allow out to ff01::/16
# Allow IPv6 link-local and site-local multicasts
ufw allow out to ff02::/16
ufw allow out to ff05::/16
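
An added example, not part of the thread: a small shell audit that classifies each outbound rule of a script like the one above and reports the exceptions that still pass traffic when tun0 is down. The function names and the embedded sample rules (a subset copied from the posts) are constructed for this illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit the outbound rules of a ufw
# kill-switch script. Helper names and SAMPLE_RULES are constructed here.
TUN_IF="tun0"
# Ranges the thread treats as local (private, link-local, multicast).
LOCAL_RANGES="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 224.0.0.0/24
239.0.0.0/8 fe80::/64 ff01::/16 ff02::/16 ff05::/16"

# Classify one "ufw allow out ..." command:
#   tunnel = bound to the VPN interface, local = listed local range,
#   bypass = any destination on any interface, other = unlisted destination
classify_rule() {
    rule="$1"
    case "$rule " in
        *" out on $TUN_IF "*) echo tunnel; return ;;
    esac
    # The destination follows "to"; port-only rules have none.
    dest=$(printf '%s\n' "$rule" | sed -n 's/.* to \([^ ]*\).*/\1/p')
    if [ -z "$dest" ]; then echo bypass; return; fi
    for range in $LOCAL_RANGES; do
        if [ "$dest" = "$range" ]; then echo local; return; fi
    done
    echo other
}

# Read a rule script on stdin and report what is reachable without the VPN.
audit_killswitch() {
    default_deny=no
    while IFS= read -r line; do
        case "$line" in
            "ufw default deny outgoing") default_deny=yes ;;
            "ufw allow out"*)
                class=$(classify_rule "$line")
                case "$class" in
                    bypass|other) echo "$class: $line" ;;
                esac ;;
        esac
    done
    if [ "$default_deny" != yes ]; then
        echo "missing: ufw default deny outgoing"
    fi
}

# Constructed sample: a subset of the rules posted in the thread.
SAMPLE_RULES='ufw default deny outgoing
ufw allow out on tun0
ufw allow out 1149
ufw allow out 53
ufw allow out to 192.168.0.0/16
ufw allow out to fe80::/64'

printf '%s\n' "$SAMPLE_RULES" | audit_killswitch
```

The two rules it reports match any destination on every interface, so DNS queries on port 53 and traffic to port 1149 can leave the machine while tun0 is down. Restricting them with a `to <address>` destination for the VPN server and the resolver narrows that gap.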