Browse Source
Merge pull request #47 from vnnkl/45-configureLazyFirewall
configure ufw
#146
Christian Rotzoll
6 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with
16 additions and
0 deletions
-
build.sdcard/raspbianStretchDesktop.sh
|
|
@ -91,6 +91,22 @@ echo "*** HARDENING ***" |
|
|
|
|
|
|
|
# firewall - just install (not configure) |
|
|
|
sudo apt-get install -y ufw |
|
|
|
echo "allow: ssh" |
|
|
|
ufw allow ssh |
|
|
|
echo "allow: bitcoin testnet" |
|
|
|
ufw allow 18333 |
|
|
|
echo "allow: bitcoin mainnet" |
|
|
|
ufw allow 8333 |
|
|
|
echo 'allow: lightning testnet' |
|
|
|
ufw allow 19735 |
|
|
|
echo "allow: lightning mainnet" |
|
|
|
ufw allow 9735 |
|
|
|
echo "deny incoming connection on other ports" |
|
|
|
ufw default deny incoming |
|
|
|
echo "allow outgoing connections" |
|
|
|
ufw default allow outgoing |
|
|
|
echo "enable lazy firewall" |
|
|
|
ufw enable |
|
|
|
|
|
|
|
# fail2ban (no config required) |
|
|
|
sudo apt-get install -y fail2ban |
|
|
|