summaryrefslogtreecommitdiff
path: root/ufw.sh
blob: 739d279f4375173f8cb3dcea79dac496af33bbeb (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

#!/bin/bash

main() {
	ufw --force reset

	ufw default deny incoming on enp2s0
	ufw default allow outgoing
	ufw allow in on virbr0

	ufw allow in on enp2s0 to any port 22

	# nginx
	ufw allow in on enp2s0 to any port 80
	ufw allow in on enp2s0 to any port 443

	# dovecot
	ufw allow in on enp2s0 to any port 143
	ufw allow in on enp2s0 to any port 993
	ufw allow in on enp2s0 to any port 4190
	ufw allow in on enp2s0 to any port 12302

	# postfix
	ufw allow in on enp2s0 to any port 25
	ufw allow in on enp2s0 to any port 465
	ufw allow in on enp2s0 to any port 587
}

main