doc

2025-01-09 22:43:47 +01:00 · 2025-01-09 22:43:47 +01:00 · 7efaa96160
commit 7efaa96160
parent 56cccfc2ec
1 changed files with 30 additions and 0 deletions
--- a/ufw-config.md
+++ b/ufw-config.md
@ -0,0 +1,30 @@
+# UFW config
+
+To enable UFW :
+```
+# dinitctl enable ufw
+# ufw enable
+```
+
+Deny all incoming traffic by default, allow outgoing :
+```
+# ufw default deny incoming
+# ufw default allow outgoing
+```
+
+Open needed ports, here an example with `SSH` :
+```
+# ufw allow ssh
+```
+
+> Common ports are `ssh`, `http`, `https`, `dns`, etc...
+
+You may also limit SSH connections against brute-force :
+```
+# ufw limit ssh
+```
+
+Then reload UFW :
+```
+# ufw reload
+```