ajax13 · October 23, 2017 10:35
diff --git a/ufw-rules-ubuntu.sh b/ufw-rules-ubuntu.sh
 #!/bin/sh

 # disable firewall
 sudo ufw disable

 # reset all firewall rules
 sudo ufw reset --force

 # set default rules: deny all incoming traffic, allow all outgoing traffic
 sudo ufw default deny incoming
 sudo ufw default allow outgoing

 #  Some rules

 # open port for SSH (remote support)
 # ufw supports connection rate limiting, which is useful for protecting
 # against brute-force login attacks. ufw will deny connections if an IP
 # address has attempted to initiate 6 or more connections in the last 30
 # seconds. See http://www.debian-administration.org/articles/187 for details.
 sudo ufw limit log from 192.168.0.0/24 to any proto tcp port 22

 ## Allow DNS - HTTP and HTTPS  - NTP
 ufw allow 53
 ufw allow http/tcp
 ufw allow https/tcp
 ufw allow 123

 ## Librenms SNMP and Unix-agent
 ufw allow 161
 ufw allow 6556

 ## Allow connections on all ports from an IP 
 ufw allow from xx.xx.xx.xx

 # Don't allow public Internet access (0.0.0.0/0) to this list 
 20/21 - FTP
 22 - SSH
 3306 - MySQL
 5432 - PostgreSQL
 # windows stuff
 1433 - MSSQL Server
 1434 - MSSQL Monitor
 4333 - MSQL
 3389 - RDP # Remote Desktop Protocol for windows
 5500 - VNC RDP # Virtual Network Computing comme RDP mais 

 Whitelist Cloudflare network IPv4+IPv6
 wget https://raw.githubusercontent.com/Paul-Reed/cloudflare-ufw/master/cloudflare-ufw.sh
 bash cloudflare-ufw.sh

 # Restart
 sudo ufw disable && sudo ufw enable
 sudo ufw reload

 # Eenable firewall
 sudo ufw enable

 # list all firewall rules
 sudo ufw status numbered verbose
	#!/bin/sh

	# disable firewall
	sudo ufw disable

	# reset all firewall rules
	sudo ufw reset --force

	# set default rules: deny all incoming traffic, allow all outgoing traffic
	sudo ufw default deny incoming
	sudo ufw default allow outgoing

	# Some rules

	# open port for SSH (remote support)
	# ufw supports connection rate limiting, which is useful for protecting
	# against brute-force login attacks. ufw will deny connections if an IP
	# address has attempted to initiate 6 or more connections in the last 30
	# seconds. See http://www.debian-administration.org/articles/187 for details.
	sudo ufw limit log from 192.168.0.0/24 to any proto tcp port 22

	## Allow DNS - HTTP and HTTPS - NTP
	ufw allow 53
	ufw allow http/tcp
	ufw allow https/tcp
	ufw allow 123

	## Librenms SNMP and Unix-agent
	ufw allow 161
	ufw allow 6556

	## Allow connections on all ports from an IP
	ufw allow from xx.xx.xx.xx

	# Don't allow public Internet access (0.0.0.0/0) to this list
	20/21 - FTP
	22 - SSH
	3306 - MySQL
	5432 - PostgreSQL
	# windows stuff
	1433 - MSSQL Server
	1434 - MSSQL Monitor
	4333 - MSQL
	3389 - RDP # Remote Desktop Protocol for windows
	5500 - VNC RDP # Virtual Network Computing comme RDP mais

	Whitelist Cloudflare network IPv4+IPv6
	wget https://raw.githubusercontent.com/Paul-Reed/cloudflare-ufw/master/cloudflare-ufw.sh
	bash cloudflare-ufw.sh

	# Restart
	sudo ufw disable && sudo ufw enable
	sudo ufw reload

	# Eenable firewall
	sudo ufw enable

	# list all firewall rules
	sudo ufw status numbered verbose