Natty Narwhal: Problems connecting to servers behind (Cisco) firewalls using ssh

After upgrading to Natty Narwhal I couldn’t connect to my Linux-based jump host (connected via VPN):

    OpenSSH_5.8p1 Debian-1ubuntu2, OpenSSL 0.9.8o 01 Jun 2010
    debug1: Reading configuration data /home/alj/.ssh/config
    debug1: Applying options for *
    debug1: Applying options for smallpox.xxx.dk
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: Connecting to smallpox.xxx.dk [xxx.xxx.xxx.xxx] port 22.
    debug1: Connection established.
    debug1: identity file /home/alj/.ssh/id_rsa type -1
    debug1: identity file /home/alj/.ssh/id_rsa-cert type -1
    debug1: identity file /home/alj/....

March 21, 2011 · 2 min · alj

UFW: Blocking outgoing connections

Note: This is known to work for a machine acting as a masquerading firewall for an entire network.

I wanted to block connections to certain outbound ports. After some trial and error I found something that works. Add the following to /etc/ufw/before.rules:

    -A ufw-before-forward -s <SOURCE IP> ! -d <LOCAL NET>/24 -p tcp -m tcp --dport <DEST PORT> -j DROP

It’s as simple as that. Remember to reload all the rules:...

January 24, 2010 · 1 min · alj