« Pihole firewall » : différence entre les versions
| Ligne 20 : | Ligne 20 : | ||
ufw route allow in on wg0 out on eth0 | ufw route allow in on wg0 out on eth0 | ||
ufw route allow in on eth0 out on wg0 | ufw route allow in on eth0 out on wg0 | ||
echo "Backup ufw OK." | |||
exit 0 | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Version du 23 février 2025 à 19:15
ufw_rules_backup.sh
#!/bin/bash
ufw allow from 192.168.1.0/24 to any port 22 proto tcp
ufw allow 53/tcp
ufw allow 53/udp
ufw allow 5335/tcp
ufw allow 5335/udp
ufw allow 67/udp
ufw allow 68/udp
ufw allow 51820/udp
ufw allow from 192.168.1.0/24 to any port 80 proto tcp
ufw allow from 192.168.1.0/24 to any port 443 proto tcp
ufw allow from 192.168.1.0/24 to any port 8082 proto tcp
ufw allow from 10.131.215.0/24 to any port 80 proto tcp
ufw allow from 10.131.215.0/24 to any port 443 proto tcp
ufw allow from 10.131.215.0/24 to any port 8082 proto tcp
# autoriser le trafic entre l'interface WireGuard (wg0) et l'interface Ethernet (eth0)
ufw route allow in on wg0 out on eth0
ufw route allow in on eth0 out on wg0
echo "Backup ufw OK."
exit 0
restore_ufw.sh
#!/bin/bash
sudo ufw reset
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow from 192.168.1.0/24 to any port 22 proto tcp
sudo bash ufw_rules_backup.sh
sudo ufw enable
sudo ufw status numbered
echo "Restore ufw OK."
exit 0