Merge pull request #47 from vnnkl/45-configureLazyFirewall

configure ufw
2025-09-19 12:10:33 +02:00 · 2018-08-23 01:04:00 +02:00
parent f76ae7c3cf 16802b6b8f
commit 9a5cb86fc1
1 changed files with 16 additions and 0 deletions
--- a/build.sdcard/raspbianStretchDesktop.sh
+++ b/build.sdcard/raspbianStretchDesktop.sh
@@ -91,6 +91,22 @@ echo "*** HARDENING ***"

 # firewall - just install (not configure)
 sudo apt-get install -y ufw
+echo "allow: ssh"
+ufw allow ssh
+echo "allow: bitcoin testnet"
+ufw allow 18333
+echo "allow: bitcoin mainnet"
+ufw allow 8333
+echo 'allow: lightning testnet'
+ufw allow 19735
+echo "allow: lightning mainnet"
+ufw allow 9735
+echo "deny incoming connection on other ports"
+ufw default deny incoming
+echo "allow outgoing connections"
+ufw default allow outgoing
+echo "enable lazy firewall"
+ufw enable

 # fail2ban (no config required)
 sudo apt-get install -y fail2ban