ubuntu firewall, only allow access to port from local network

replica88 · 02-10-2010, 10:54 AM

Below are the rules currently on the firewall,

Code:

root@Fileserver:/# ufw status
Firewall loaded

To                         Action  From
--                         ------  ----
22:tcp                     ALLOW   Anywhere
22:udp                     ALLOW   Anywhere
21:tcp                     ALLOW   Anywhere
21:udp                     ALLOW   Anywhere
20:tcp                     ALLOW   Anywhere
20:udp                     ALLOW   Anywhere
901:tcp                    ALLOW   Anywhere
901:udp                    ALLOW   Anywhere
139:tcp                    ALLOW   Anywhere
139:udp                    ALLOW   Anywhere
445:tcp                    ALLOW   Anywhere
445:udp                    ALLOW   Anywhere
999:tcp                    DENY    Anywhere
999:udp                    DENY    Anywhere

what I would like to do is to only allow access to ports 139,445 from the local network, for example 192.168.1.0. The catch is this system will be reproduced and sent to networks with different address schemes and will get its address via dhcp, ideally I want to avoid manually editing each rule for every system sent out.

Any ideas?

Web31337 · 02-11-2010, 05:31 AM

You may want to use a shell/perl/python script that will get ifconfig outputs, will generate rules, fits your needs, when first installed on remote system. If i got it right.

replica88 · 02-11-2010, 06:30 AM

Quote:

Originally Posted by Web31337

You may want to use a shell/perl/python script that will get ifconfig outputs, will generate rules, fits your needs, when first installed on remote system. If i got it right.

That sounds like a good idea, it would have to be a script that ran every hour or so to ensure that if the addressing scheme changes and the server leases a new IP the resources are still accessible

Web31337 · 02-11-2010, 06:34 AM

And don't forget port 135 as well if you're dealing with netbios. That may be vulnerable.