szumkoal/cloud-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

UFW Rules documentation

Browse Source
This commit is contained in:
Alex Szumko
2025-12-19 08:35:35 -05:00
parent 9c0d7e0466
commit 05989271ef
1 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
README.md
View File

@@ -47,3 +47,23 @@ This folder contains all of the services running on the Pi
## Adding Paths: ## Adding Paths:
1. Add path in NPM (must be on **`homelab`**) 1. Add path in NPM (must be on **`homelab`**)
## UFW Settings
```
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To Action From
-- ------ ----
22/tcp ALLOW IN 192.168.0.0/24 # LAN ssh
22/tcp on tailscale0 ALLOW IN Anywhere # Tailscle ssh
53,80,81,443,61208/tcp ALLOW IN 192.168.0.0/24 # LAN Access, 53 -> Pihole, 61208 -> glances
53,80,81,443,61208/udp ALLOW IN 192.168.0.0/24 # LAN Access, 53 -> Pihole, 61208 -> glances
53,80,81,443,61208/tcp on tailscale0 ALLOW IN Anywhere # Tailscale Access, 53 -> Pihole, 61208 -> glances
53,80,81,443,61208/udp on tailscale0 ALLOW IN Anywhere # Tailscale Access, 53 -> Pihole, 61208 -> glances
80/tcp ALLOW IN 172.16.0.0/12 # Docker networks (for calling pihole from NPM)
22/tcp (v6) on tailscale0 ALLOW IN Anywhere (v6) # Tailscale ssh (IPv6)
53,80,81,443,61208/tcp (v6) on tailscale0 ALLOW IN Anywhere (v6) # Tailscale Access (IPv6), 53 -> Pihole, 61208 -> glances
53,80,81,443,61208/udp (v6) on tailscale0 ALLOW IN Anywhere (v6) # Tailscale Access (IPv6), 53 -> Pihole, 61208 -> glances
```