UFW works well, and is easy to configure. UFW is a great option if you don’t need the flexibility (and insane complexity) that manually managing iptables rules offers,
Comment on Hosting multiple services with one IP address.
a_person@piefed.social 4 days ago
What service would you recommend for a firewall? The firewall I use on my laptop is ufw. Should I use that on the VPS, or is there a different service that works better?
deadcade@lemmy.deadca.de 4 days ago
kumi@feddit.online 3 days ago
The main problem with UFW, besides being based on legacy iptables (instead of the modern nftables, which is easier to learn and manage), is the config format. Keeping track of your changes over time is hard, and even with tools like Ansible it easily becomes a mess where things can fall out of sync with what you expect.
I strongly recommend firewalld, or rawdogging nftables.
K3can@lemmy.radio 3 days ago
ufw is just a fancy frontend for iptables, but hasn’t been updated for nftables yet.
Firewalld is an option that supports both, and if you happen to be running cockpit as well, the cockpit-firewall plugin provides a simple GUI for the whole thing.
kumi@feddit.online 3 days ago
Firewalld.
There are some decent guides online. Also take a look in /etc/firewalld/firewalld.conf and see if you want to change anything.
You need to know about zones, ports, and interfaces for the basics. Services are optional. Policies are more advanced.