Mikaela/mikaela.github.io
1
0
Fork 0
mirror of https://github.com/mikaela/mikaela.github.io/ synced 2024-11-22 12:09:28 +01:00
Code Issues Projects Releases Wiki Activity

blog/ufw: add port 123/NTP

Browse Source
This commit is contained in:
Aminda Suomalainen 2020-10-26 07:31:09 +02:00
parent 2704d92543
commit 4ba73b5498
Signed by: Mikaela
GPG Key ID: 99392F62BAE30723
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
blog/_posts/2015-06-12-ufw.md
View File

@ -39,6 +39,8 @@ ufw default allow outgoing
systemctl enable ufw && systemctl start ufw systemctl enable ufw && systemctl start ufw
ufw enable ufw enable
ufw reject 113/tcp ufw reject 113/tcp
#ufw allow from 192.168.0.0/16 to any port 123 proto udp
ufw allow from fe80::/10 to any port 123 proto udp
#ufw allow from 192.168.8.0/24 to any port 631 proto tcp #ufw allow from 192.168.8.0/24 to any port 631 proto tcp
ufw allow from fe80::/10 to any port 631 ufw allow from fe80::/10 to any port 631
#ufw allow from 192.168.8.0/24 to any port 5353 proto udp #ufw allow from 192.168.8.0/24 to any port 5353 proto udp
@ -64,6 +66,7 @@ ufw allow 60000:61000/udp
allow this instead. And if you don't use IRC or don't care about having allow this instead. And if you don't use IRC or don't care about having
to wait for the check to timeout, don't do this as you may leave to wait for the check to timeout, don't do this as you may leave
yourself visible to random port scanners. yourself visible to random port scanners.
* 123 UDP/NTP - syncing time between local hosts
* 631 both/cups — Allow access to cups for printer sharing from 192.168.8.xxx * 631 both/cups — Allow access to cups for printer sharing from 192.168.8.xxx
* fe80:://10 is link-local address existing _everywhere_ IPv6 is enabled, * fe80:://10 is link-local address existing _everywhere_ IPv6 is enabled,
check your `ip addr` or on Windows `ipconfig /all` for fun. check your `ip addr` or on Windows `ipconfig /all` for fun.