#1 2013-09-29 12:57:12

jappel
Member
Registered: 2009-04-09
Posts: 14

Separate UFW Firewall rules for different interfaces (wlan / lan)

Hello!

I am trying to set up a firewall with ufw, with one set of rules for the LAN interface and different / no rules for the WLAN interface. I struggle to set rules for the WLAN interface to allow dnsmasq to serve IP addresses to connecting wireless devices.

Setup:

* Atom PC connected via LAN (enp1s0) to the internet.
* Serves as wireless access point (WAP) via the WLAN (wlp2s0) interface. (working)

When I enable ufw, no WLAN device gets an IP address -> devices can no longer connect.

I tried

ufw allow out on wlp2s0

which resulted in the rules of

From anywhere on wlp2s0 ALLOW out to Anywhere

Which, to my understanding, looks good, but it didn't serve any IPs to connecting devices.


I tried many different variations of snippets I could find on the internet, but ultimately I'm not finding the answer.

Help is very much appreciated : )

#2 2013-09-29 16:17:48

jappel
Member
Registered: 2009-04-09
Posts: 14

Re: Separate UFW Firewall rules for different interfaces (wlan / lan)

Follow up:

ufw allow bootps

will open the required port (67)

resulting in

From Anywhere ALLOW to 67

A scan of the machine from outside via GRC ShieldsUp reveals that port 67 is closed; all others are in stealth mode.
Is this a security risk, or are things the way they are supposed to be?
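
Added example, not part of the original thread: `ufw allow bootps` opens port 67 on every interface, whereas the rules below accept DHCP requests (inbound UDP 67) only on the access-point interface named in the thread (wlp2s0). The `DRY_RUN` switch and the function names are this example's own, not ufw options, and the port 53 rule assumes dnsmasq also serves DNS to the wireless clients.

```shell
#!/bin/sh
# Scope dnsmasq's DHCP (and DNS) ports to the access-point interface only,
# so the internet-facing LAN interface (enp1s0 in the thread) stays closed.

AP_IF="${AP_IF:-wlp2s0}"   # wireless access-point interface from the thread
DRY_RUN="${DRY_RUN:-1}"    # 1 = print the ufw commands instead of running them

# Run a command, or just print it when DRY_RUN=1 (hypothetical helper).
run() {
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Replace the interface-agnostic bootps rule with interface-scoped rules.
scope_dhcp_to_ap() {
    iface="$1"
    # Accept only plain interface names before building any command line.
    case "$iface" in
        ''|*[!A-Za-z0-9_.-]*)
            echo "invalid interface name: $iface" >&2
            return 1 ;;
    esac
    # Drop the rule created by "ufw allow bootps" (port 67 on all interfaces).
    run ufw delete allow bootps &&
    # DHCP requests arrive inbound on UDP 67; accept them on the AP side only.
    run ufw allow in on "$iface" to any port 67 proto udp &&
    # Assumption: dnsmasq also answers DNS queries from the wireless clients.
    run ufw allow in on "$iface" to any port 53
}

scope_dhcp_to_ap "$AP_IF"
```

Run it with `DRY_RUN=0` as root to apply the rules; afterwards `ufw status` should list the port 67 rule with `on wlp2s0` instead of a rule for all interfaces.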
