Gufw Firewall


An addition to the before.rules file in the /etc/ufw directory:

# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
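# Allow traffic from OpenVPN clients out through eth0 (change to the interface you discovered!)
# Note: iptables masks 10.8.0.0/8 to 10.0.0.0/8, so this rule matches every 10.x.x.x source
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
# Port forwards: only the 3389 rule restricts the source (158.223.0.0/16); the others accept any source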
-A PREROUTING -i eth0 -p tcp -s 158.223.0.0/16  --dport 3389 -j DNAT --to 10.27.139.30:3389
-A PREROUTING -i eth0 -p tcp  --dport 80 -j DNAT --to 10.27.139.30:80
-A PREROUTING -i eth0 -p tcp  --dport 443 -j DNAT --to 10.27.139.30:443
-A PREROUTING -i eth0 -p tcp  --dport 1433 -j DNAT --to 10.27.139.31:1433
-A PREROUTING -i eth0 -p tcp  --dport 4569 -j DNAT --to 10.27.139.33:4569
-A PREROUTING -i eth0 -p udp  --dport 4569 -j DNAT --to 10.27.139.33:4569
 
COMMIT
# END OPENVPN RULES


https://help.ubuntu.com/community/UFW

Enable and Disable
Enable UFW
To turn UFW on with the default set of rules:
    sudo ufw enable
To check the status of UFW:
    sudo ufw status verbose
The output should be like this:
youruser@yourcomputer:~$ sudo ufw status verbose
[sudo] password for youruser:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip
youruser@yourcomputer:~$
Note that by default, incoming connections are denied. There are exceptions, which can be found in the output of this command:
    sudo ufw show raw
You can also read the rules files in /etc/ufw (the files whose names end with .rules).
Disable UFW
To disable ufw use:
    sudo ufw disable