Firewall Rules Fog Server
Trying to button up our Fog Server and apply UFW rules. Does anyone have a default ruleset that they use for Fog? This is what it is currently listening on:
udp UNCONN 0 0 0.0.0.0:55629 0.0.0.0:* users:(("rpc.statd",pid=688,fd=8)) udp UNCONN 0 0 0.0.0.0:59831 0.0.0.0:* users:(("rpc.mountd",pid=687,fd=8)) udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=675,fd=13)) udp UNCONN 0 0 10.10.70.9%eth0:68 0.0.0.0:* users:(("systemd-network",pid=673,fd=15)) udp UNCONN 0 0 0.0.0.0:69 0.0.0.0:* users:(("in.tftpd",pid=819,fd=4)) udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=544,fd=5),("systemd",pid=1,fd=62)) udp UNCONN 0 0 0.0.0.0:49302 0.0.0.0:* udp UNCONN 0 0 0.0.0.0:161 0.0.0.0:* users:(("snmpd",pid=713,fd=6)) udp UNCONN 0 0 127.0.0.1:864 0.0.0.0:* users:(("rpc.statd",pid=688,fd=5)) udp UNCONN 0 0 0.0.0.0:33924 0.0.0.0:* users:(("rpc.mountd",pid=687,fd=4)) udp UNCONN 0 0 0.0.0.0:33928 0.0.0.0:* users:(("rpc.mountd",pid=687,fd=12)) udp UNCONN 0 0 [::]:46961 [::]:* users:(("rpc.mountd",pid=687,fd=14)) udp UNCONN 0 0 [::]:43807 [::]:* users:(("rpc.mountd",pid=687,fd=10)) udp UNCONN 0 0 [::]:44473 [::]:* users:(("rpc.mountd",pid=687,fd=6)) udp UNCONN 0 0 [::]:36621 [::]:* users:(("rpc.statd",pid=688,fd=10)) udp UNCONN 0 0 [::]:69 [::]:* users:(("in.tftpd",pid=819,fd=5)) udp UNCONN 0 0 [::]:111 [::]:* users:(("rpcbind",pid=544,fd=7),("systemd",pid=1,fd=64)) udp UNCONN 0 0 [::]:37797 [::]:* tcp LISTEN 0 4096 0.0.0.0:42063 0.0.0.0:* users:(("rpc.mountd",pid=687,fd=9)) tcp LISTEN 0 32 0.0.0.0:21 0.0.0.0:* users:(("vsftpd",pid=730,fd=3)) tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=850,fd=3)) tcp LISTEN 0 4096 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=544,fd=4),("systemd",pid=1,fd=61)) tcp LISTEN 0 4096 0.0.0.0:60621 0.0.0.0:* users:(("rpc.statd",pid=688,fd=9)) tcp LISTEN 0 80 0.0.0.0:3306 0.0.0.0:* users:(("mariadbd",pid=926,fd=30)) tcp LISTEN 0 4096 0.0.0.0:48417 0.0.0.0:* users:(("rpc.mountd",pid=687,fd=5)) tcp LISTEN 0 64 0.0.0.0:44735 0.0.0.0:* tcp LISTEN 0 64 0.0.0.0:2049 0.0.0.0:* tcp LISTEN 0 4096 0.0.0.0:35157 0.0.0.0:* users:(("rpc.mountd",pid=687,fd=13)) tcp LISTEN 0 4096 
[::]:54973 [::]:* users:(("rpc.mountd",pid=687,fd=11)) tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=850,fd=4)) tcp LISTEN 0 511 *:80 *:* users:(("apache2",pid=1338482,fd=4),("apache2",pid=1275019,fd=4),("apache2",pid=1274184,fd=4),("apache2",pid=1274085,fd=4),("apache2",pid=1274084,fd=4),("apache2",pid=1274083,fd=4),("apache2",pid=1274082,fd=4),("apache2",pid=1274081,fd=4),("apache2",pid=986,fd=4)) tcp LISTEN 0 64 [::]:41029 [::]:* tcp LISTEN 0 4096 [::]:111 [::]:* users:(("rpcbind",pid=544,fd=6),("systemd",pid=1,fd=63)) tcp LISTEN 0 511 *:443 *:* users:(("apache2",pid=1338482,fd=6),("apache2",pid=1275019,fd=6),("apache2",pid=1274184,fd=6),("apache2",pid=1274085,fd=6),("apache2",pid=1274084,fd=6),("apache2",pid=1274083,fd=6),("apache2",pid=1274082,fd=6),("apache2",pid=1274081,fd=6),("apache2",pid=986,fd=6)) tcp LISTEN 0 4096 [::]:53863 [::]:* users:(("rpc.mountd",pid=687,fd=7)) tcp LISTEN 0 4096 [::]:33617 [::]:* users:(("rpc.statd",pid=688,fd=11)) tcp LISTEN 0 80 [::]:3306 [::]:* users:(("mariadbd",pid=926,fd=32)) tcp LISTEN 0 4096 [::]:45009 [::]:* users:(("rpc.mountd",pid=687,fd=15)) tcp LISTEN 0 64 [::]:2049 [::]:* -
@astrugatch we use firewalld rather than UFW, but you can adapt these rules… some ports have been changed from the initial setup because of restrictions on our network.
# firewalld rule set for a FOG server, as posted (Ansible-style firewalld definition).
# The poster notes some ports differ from the FOG defaults because of their own network
# restrictions, so treat the numeric ranges below as site-specific, not canonical.
# For UFW the equivalent is one `ufw allow from <SUBNET> to any port <PORT> proto <tcp|udp>`
# per service/port entry, with the same source restriction.
- name: FOG_Services
  short: FOG Server network rules
  description: >-
    For FOG Server to handle boot, image and various tasks on workstations
  # Scope every rule to the client subnets only; SUBNET_IPS is presumably a placeholder
  # for the real workstation ranges — replace it, do not open these services to 0.0.0.0/0.
  sources:
    - SUBNET_IPS
  # ICMP echo in both directions (FOG host-status checks ping clients).
  allow_icmp:
    - echo-request
    - echo-reply
  # Named firewalld services used by FOG imaging/boot: FTP (image upload/rename),
  # HTTP (web UI / client scripts), NFS + mountd + rpcbind (image storage), TFTP (PXE boot).
  services:
    - ftp
    - http
    - mountd
    - nfs
    - rpc-bind
    - tftp
  ports:
    # nfs: mountd pinned to a fixed port so it does not float across random
    # high ports the way the rpc.mountd listeners in the ss output above do.
    - { port: 20048, proto: tcp } # nfs
    - { port: 20048, proto: udp } # nfs
    # tftp: transfer port range (poster's adjusted range, not the tftpd default).
    - { port: "35350-36350", proto: udp } # tftp
    # multicast imaging (udpcast) port range.
    - { port: "49512-65532", proto: udp } # multicast
  # NOTE(review): this set opens no rule for 22/ssh, 443/https or 3306/mariadb.
  # Presumably the database stays local-only and admin access is handled by a
  # separate, source-restricted rule — confirm before applying on a server where
  # mariadbd listens on 0.0.0.0:3306 as in the ss output above.