Configure ufw firewall
Install ufw firewall:
sudo aptitude install ufw gufw
Activate NetBIOS support:
sudo vi /etc/default/ufw
By adding:
# The nf_conntrack_netbios_ns module has been added
IPT_MODULES="nf_conntrack_ftp nf_nat_ftp nf_conntrack_irc nf_nat_irc nf_conntrack_netbios_ns"
Then apply the following rules:
Generic rules:
sudo ufw default deny incoming
sudo ufw default allow outgoing
Domain:
sudo ufw allow domain
Internet:
sudo ufw allow ssh
sudo ufw allow ftp
sudo ufw allow www
sudo ufw allow https
sudo ufw allow http-alt
Emails:
sudo ufw allow imaps
sudo ufw allow ssmtp
sudo ufw allow xmpp-client
Remote desktop:
sudo ufw allow 5900
Samba:
sudo ufw allow 113
sudo ufw allow proto tcp from 192.168.0.0/24 to 192.168.0.0/24 port 135
sudo ufw allow proto tcp from 192.168.0.0/24 to 192.168.0.0/24 port 139
sudo ufw allow proto tcp from 192.168.0.0/24 to 192.168.0.0/24 port 445
sudo ufw allow proto udp from 192.168.0.0/24 to 192.168.0.0/24 port 137
sudo ufw allow proto udp from 192.168.0.0/24 to 192.168.0.0/24 port 138
Transmission:
sudo ufw allow 9091
sudo ufw allow 20500:20599/tcp
sudo ufw allow 20500:20599/udp
NTP:
sudo ufw allow ntp
Squeezeserver:
sudo ufw allow 9000
Before applying the new rules, logging can be activated with:
sudo ufw logging on
Then enable the firewall, which loads the new rules, with:
sudo ufw enable
The firewall status is visible with:
sudo ufw status
To stop the firewall, the command is:
sudo ufw disable
All the existing rules can be removed with (this also disables the firewall):
sudo ufw reset
And finally, to display the log, type:
sudo tail -f /var/log/ufw.log
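As an added example (not part of the original page), the shell function below summarises the [UFW BLOCK] entries of that log by protocol, destination port and source address, which shows at a glance what the default deny rule is stopping. The sample log lines are constructed and trimmed, and the names ufw_block_summary and sample_log are hypothetical.

```shell
#!/bin/sh
# Added example: count blocked packets per protocol/port and source.
# Reads ufw log lines on stdin, prints "COUNT PROTO/DPT SRC".
# Real use (needs read access): ufw_block_summary < /var/log/ufw.log
ufw_block_summary() {
    awk '
    /\[UFW BLOCK\]/ {
        src = ""; proto = ""; dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/)   src   = substr($i, 5)
            if ($i ~ /^PROTO=/) proto = substr($i, 7)
            if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        if (src == "") next           # not a packet line
        if (dpt == "") dpt = "-"      # ICMP carries no port
        count[proto "/" dpt " " src]++
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2,2 -k3,3
}

# Constructed sample lines (trimmed; addresses from documentation ranges).
sample_log() {
    cat <<'EOF'
Mar  3 10:15:01 host kernel: [ 1200.1] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.7 DST=192.168.0.10 LEN=60 TTL=52 PROTO=TCP SPT=40000 DPT=445 SYN
Mar  3 10:15:02 host kernel: [ 1201.2] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.7 DST=192.168.0.10 LEN=60 TTL=52 PROTO=TCP SPT=40001 DPT=445 SYN
Mar  3 10:16:40 host kernel: [ 1299.3] [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.23 DST=192.168.0.10 LEN=60 TTL=49 PROTO=TCP SPT=51515 DPT=3306 SYN
Mar  3 10:17:05 host kernel: [ 1324.4] [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.23 DST=192.168.0.10 LEN=84 TTL=49 PROTO=ICMP TYPE=8 CODE=0
Mar  3 10:18:00 host kernel: [ 1379.5] [UFW ALLOW] IN=eth0 OUT= SRC=192.168.0.20 DST=192.168.0.10 LEN=60 TTL=64 PROTO=TCP SPT=50222 DPT=22 SYN
EOF
}

sample_log | ufw_block_summary
```

Repeated blocks from outside 192.168.0.0/24 on ports 135 to 139 or 445 confirm that the Samba rules above are limiting those services to the local network.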