I want to block all ports using ufw except http/https, basically just to browse the web.
I used this:
Code:
sudo ufw reset
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw status verbose
sudo ufw enable
sudo ufw logging on
sudo ufw allow out http
sudo ufw allow out https
This is my output:
Code:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To                         Action      From
--                         ------      ----
80                         ALLOW OUT   Anywhere
443                        ALLOW OUT   Anywhere
80 (v6)                    ALLOW OUT   Anywhere (v6)
443 (v6)                   ALLOW OUT   Anywhere (v6)
Anything else I could do, maybe disable outgoing by default?
Is it OK to eliminate v6? I assume that is IPv6.
Is ALLOW OUT OK? As I understand it, this means a connection that my PC starts to another IP.
Edit:
It seems my browser doesn't work if I set default deny (outgoing).
After running 'lsof -i' it seems Firefox has connections from local ports 56389 44274 22400 127612 to the websites' https (443),
but if I let any local port connect to remote https, with something like this
sudo ufw allow out to any port 80
that leaves room for other programs (like possibly malware) to communicate.
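
An added example, not part of the original post: a shell function that audits `ufw status verbose` text for this browse-only goal. `allow out http`/`https` match the remote port, so Firefox's local ports need no rules of their own; what a default-deny outgoing policy additionally needs is DNS (port 53), which the function checks for. The function names and the second sample status are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `ufw status verbose` text for a browse-only egress policy.
# Real use: sudo ufw status verbose | audit_ufw_egress   (exit 0 = nothing flagged)
audit_ufw_egress() {
    awk '
    /^Default:/ {
        # "Default: deny (incoming), allow (outgoing), disabled (routed)"
        n = split($0, part, /[:,] */)
        for (i = 2; i <= n; i++) {
            split(part[i], kv, " ")
            gsub(/[()]/, "", kv[2])
            policy[kv[2]] = kv[1]
        }
    }
    / ALLOW OUT / {
        # Column 1 is the remote (destination) port, possibly "port/proto".
        split($1, p, "/")
        allowed[p[1]] = 1
    }
    END {
        bad = 0
        if (policy["incoming"] != "deny" && policy["incoming"] != "reject") {
            print "WARN incoming default is not deny/reject"; bad = 1
        }
        if (policy["outgoing"] == "allow") {
            print "WARN outgoing default is allow: ALLOW OUT rules change nothing, any program can connect out on any port"
            bad = 1
        } else {
            if (!(53 in allowed))  { print "MISSING out 53: DNS lookups are blocked, so names will not resolve"; bad = 1 }
            if (!(80 in allowed))  { print "MISSING out 80: http blocked"; bad = 1 }
            if (!(443 in allowed)) { print "MISSING out 443: https blocked"; bad = 1 }
        }
        if (!bad) print "OK: DNS, http and https are allowed out under a deny-by-default outgoing policy"
        exit bad
    }'
}
# Status text as posted above (abridged to the lines the audit reads).
posted_status() {
cat <<'EOF'
Status: active
Default: deny (incoming), allow (outgoing), disabled (routed)
80 ALLOW OUT Anywhere
443 ALLOW OUT Anywhere
EOF
}
# Constructed sample: the same rules after `ufw default deny outgoing`.
deny_status() { posted_status | sed 's/allow (outgoing)/deny (outgoing)/'; }
posted_status | audit_ufw_egress || true
deny_status | audit_ufw_egress || true
```

These rules filter by destination port, not by program, so any process can still use 80/443 once they are open.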