UFW Firewall Blocking unwanted traffic

App_rpt-users
1

I am not aware of how to block a node number if their is a problem however here is what i came up with for the Debian or Dial Distribution or if your running Ubuntu Server etc…

I install ufw here is some command line tips

sudo apt-get update && sudo apt-get upgrade

sudo apt-get install ufw

sudo ufw allow {Port Number}

I dont suggest using default ports with ssh because they get hammed really hard and on my data center I do use default port however i also run Fail2ban on the server I wont cover fail2ban because its pretty easy and self explanatory for the most part…

Example using all default ports for allstar

sudo ufw allow 222/tcp <-- Ssh port

sudo ufw allow 4569/udp <-- Iax port for allstar

sudo ufw allow 5060/udp <— For sip if you have to use it I always stay clear of this particular port it gets hammered alot harder easier to break sip traffic…

sudo ufw allow 5198/udp <— Echolink port

sudo ufw allow 5199/udp <-- Another echolink port…

sudo ufw allow 5200/tcp <-- And yet another echolink port…

If you use allmon and would like to access it

sudo ufw allow 80/tcp

sudo ufw default allow outgoing

sudo ufw default deny incoming

sudo systemctl start ufw

sudo systemctl enable ufw

here is the documentation that helped me out from linode…

https://www.linode.com/docs/security/firewalls/configure-firewall-with-ufw

Mark KC9ZHR helped me create a script that has pretty much cured most of my hacker issues here is that script… Look it over and put a # over ports you wish to keep out of the ban list… This script has solved about 90% of my hacker issues on sip ports and iax ports… So far no one has been successful but i am always looking to keep the system secure the best i can…

http://kc9zhv.com/iso/ufwblocklist

Here is how i run it on my allstar servers…

wget http://kc9zhv.com/iso/ufwblocklist

sudo ./ufwblocklist

Hope this helps anyone out their dealing with unwanted traffic…

Oh almost for got if their is an ip that you wish to allow you can add via typing

sudo ufw allow from 10.10.10.1

or you can

sudo ufw allow from 10.10.10.1/24

···

Loren Tedford (KC9ZHV)
Email: lorentedford@gmail.com

Main Line:1-631-686-8878 Option 1 for Loren.

Fax Line 1:1-618-551-2755

Fax Line 2:1-631-686-8892 (New Fax line)

Cell: 618-553-0806

http://www.lorentedford.com

http://www.kc9zhv.com

http://hub.kc9zhv.com