From 7efaa96160205c8534c60fd90485d2f14346c940 Mon Sep 17 00:00:00 2001
From: julien <julien.deb@netig.net>
Date: Thu, 9 Jan 2025 22:43:47 +0100
Subject: [PATCH] doc

---
 ufw-config.md | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 ufw-config.md

diff --git a/ufw-config.md b/ufw-config.md
new file mode 100644
index 0000000..27720f4
--- /dev/null
+++ b/ufw-config.md
@@ -0,0 +1,30 @@
+# UFW config
+
+To enable UFW :
+```
+# dinitctl enable ufw
+# ufw enable
+```
+
+Deny all incoming traffic by default, allow outgoing :
+```
+# ufw default deny incoming
+# ufw default allow outgoing
+```
+
+Open needed ports, here an example with `SSH` :
+```
+# ufw allow ssh
+```
+
+> Common ports are `ssh`, `http`, `https`, `dns`, etc...
+
+You may also limit SSH connections against brute-force :
+```
+# ufw limit ssh
+```
+
+Then reload UFW :
+```
+# ufw reload
+```