ufw.sh


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

#!/bin/bash

main() {
	ufw --force reset

	ufw default deny incoming
	ufw default allow outgoing
	ufw allow in on virbr0

	# ssh
	ufw allow in on enp2s0 to any port 22

	# nginx
	ufw allow in on enp2s0 to any port 80
	ufw allow in on enp2s0 to any port 443

	# dovecot
	ufw allow in on enp2s0 to any port 143
	ufw allow in on enp2s0 to any port 993
	ufw allow in on enp2s0 to any port 4190 # sieve

	# postfix
	ufw allow in on enp2s0 to any port 25
	ufw allow in on enp2s0 to any port 465
	ufw allow in on enp2s0 to any port 587
}

main
ufw enable