Join Log in
Score:-1
bjohas avatar Ubuntu

Disable outgoing connection via firewall

br flag
bjohas

For a headless setup, I would like to set up ufw so that

  • ssh into the machine is possible
  • no outgoing connections are allowed (not ssh, nor anything else; edit: particularly to the local network)

How do I configure ufw like this?

Explanation: I am trying to restrict all LAN traffic on a Raspberry Pi, except for incoming ssh (via port forward). The idea is to create a 'sandboxed' environment with no connectivity to machines on the same subnet. That is to say, unless the user knows the sudo password, and disable ufw, they cannot access the LAN.

Many thanks!

(Please note: As this is for a headless setup, I would like this to work while I ssh into the device. I.e., the ssh port has to stay open, or be opened immediately.)

28
1 + 2
ufw
hu flag
mikewhatever
Does this answer your question? [How do I with ufw deny all outgoing ports excepting the ones I need?](https://askubuntu.com/questions/448836/how-do-i-with-ufw-deny-all-outgoing-ports-excepting-the-ones-i-need)
0
Reply
bjohas avatar
br flag
bjohas
Thank you for the tip. It's not clear to me that that that post actually has a solution :) It seems to offer a recipe, but not really a complete/accepted solution?
0
Reply
Score:0
bjohas avatar Ubuntu
br flag
bjohas

I believe that this would work, but would appreciate feedback from others:

sudo ufw allow ssh
sudo ufw allow out to 192.168.0.1
sudo ufw deny out to 192.168.0.0/24
+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.