+++ /dev/null
-#
-# rules.input-after
-#
-# Rules that should be run after the ufw command line added rules. Custom
-# rules should be added to one of these chains:
-# ufw-after-input
-# ufw-after-output
-# ufw-after-forward
-#
-
-# Don't delete these required lines, otherwise there will be errors
-*filter
-:ufw-after-input - [0:0]
-:ufw-after-output - [0:0]
-:ufw-after-forward - [0:0]
-# End required lines
-
-## allow connections to the local services from WAN
-# ssh 22/tcp
--A ufw-after-input -p tcp --syn -m state --state NEW --dport 22 -j ACCEPT
-# https 443/tcp
--A ufw-after-input -p tcp --syn -m state --state NEW --dport 443 -j ACCEPT
-
-# don't log noisy services by default
--A ufw-after-input -p udp --dport 137 -j RETURN
--A ufw-after-input -p udp --dport 138 -j RETURN
--A ufw-after-input -p tcp --dport 139 -j RETURN
--A ufw-after-input -p tcp --dport 445 -j RETURN
--A ufw-after-input -p udp --dport 67 -j RETURN
--A ufw-after-input -p udp --dport 68 -j RETURN
-
-# catchall for logging
--A ufw-after-input -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK INPUT]: " --log-level err
--A ufw-after-forward -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK FORWARD]: " --log-level err
-
-# don't delete the 'COMMIT' line or these rules won't be processed
-COMMIT
projects / lab.git / blobdiff