-
Notifications
You must be signed in to change notification settings - Fork 0
UFW Firewall
Matvey Gladkikh edited this page Nov 7, 2022
·
9 revisions
apt-get -y install ufw
#install ufw-docker (allow docker traffic):
curl -f https://github.com/chaifeng/ufw-docker/raw/master/ufw-docker > /usr/local/bin/ufw-docker; chmod +x /usr/local/bin/ufw-docker; /usr/local/bin/ufw-docker install;
#allow local services ssh:
ufw allow 22
#allow docker services http/https
ufw-docker allow 80
ufw-docker allow 443
ufw enable
#disable external traffic to non routable ips:
ufw deny out from any to 10.0.0.0/8
ufw deny out from any to 172.16.0.0/12
ufw deny out from any to 192.168.0.0/16
ufw deny out from any to 100.64.0.0/10
ufw deny out from any to 198.18.0.0/15
ufw deny out from any to 169.254.0.0/16