Comment 5 for bug 659619

jhansonxi (jhansonxi) wrote :

UFW profiles v1.2
Several changes to http, mostly because of bug #694894.

I added a new parameter, "modules", because of bug #608159 and my need for nf_conntrack_sane in the IPT_MODULES list in /etc/default/ufw. Support for this module was added to the Preferences/IPT Modules panel of ufw-frontends when I asked (http://code.google.com/p/ufw-frontends/issues/detail?id=13&can=1). While that helps, doing it this way seems backwards, as the module is specific to one protocol and it makes more sense to add it automatically when the port rule is added. In cases where it is optional, like with sane, I just made two profiles. One has the single port with the module while the other excludes the module and has the entire data port range opened as per the /etc/sane.d/sane.conf file.

I noticed that the SIP/h323 modules have their own parameters, which it may be useful to support configuring through UFW:
http://wiki.freeswitch.org/wiki/Firewall

I'm not sure if the other modules have options like these.

Seem to have a lot of profiles now.
grep "ports=" * | wc -l
311