On 3/12/2011 5:55 AM, Tom H wrote:
On Sat, Mar 12, 2011 at 5:06 AM, Andrei Popescu <andreimpopescu@gmail.com> wrote:On Vi, 11 mar 11, 14:56:42, Michael Friendly wrote:- Do I have to install/enable the rules from iptables for ssh, samba, etc within ufw?First you need to find out exactly how the iptables rules are loaded. Could be via /etc/rc.local a dedicated script in /etc/init.d/ or something else (is package iptables-persistent also in Ubuntu?). Do not try to use ufw until you know exactly how the current iptables rules are loaded and you know for sure you can disable them!Check "/etc/network/if-pre-up.d/" and "/etc/network/if-up.d/" too. And, if you're using Network Manager, there *may* be other directories to look into.
OK, I found /etc/network/interfaces contains the line pre-up /etc/iptablesand /etc/iptables contains the rules. But I'm not sure what to do now, either with iptables or ufw. If ufw works via iptables, can I just enable ufw now without danger? How can I enable me to use use ssh from
home?For example, there is currently one rule allowing me to ssh from a PC in my office
iptables -A INPUT -s 130.xxx.xxx.xx/32 -p tcp --destination-port 22 -j ACCEPT
I can mimic this for another PC (e.g., in my lab), but I'd like to be able to use ssh from home, where I don't think I have a fixed IP address from my service provider.
-- Michael Friendly Email: friendly AT yorku DOT ca Professor, Psychology Dept. York University Voice: 416 736-5115 x66249 Fax: 416 736-5814 4700 Keele Street Web: http://www.datavis.ca Toronto, ONT M3J 1P3 CANADA