Syntax for ufw app profiles, specifically to define interfaces and IP addresses

0

After googling several sites and browsing through the man page, I still come up short with an exact definition of the syntax of the application profiles for ufw rules.

All the examples you find on the web are really simple ones and don't reflect anything more complex than simply opening a port.

Specifically, I need to allow my ufw to accept incoming and outgoing connections on a variety of ports, tcp and udp mixed, on specific interfaces to and from specified IP addresses.

Assume the following example:

  • Allow incoming connections on eth0 from 1.1.1.1:12345 tcp and 2.2.2.2:54321 udp
  • Allow outbound connections via eth1 to 3.3.3.3:11111 tcp and udp

While the syntax for defining such rules on the console is really simple, I have found no example or specification of how to define such rules in an app profile.

Xenonite

Posted 2019-06-17T09:50:40.717

Reputation: 103

Answers

1

Apparently, there is no way to specify IP addresses and interfaces in application profiles.

The field parsing function and the test suite for app profiles do not include any other fields apart from:

  • title
  • description
  • ports

A very likely reason is that application profiles should specify — from an app vendor's perspective — what the application requires in order to work. This can be expressed in ports and protocols. The IP addresses and interfaces, however, are client-dependent and will vary on every system on which the respective app is installed. Hence, it doesn't make sense to bake that into profiles.

slhck

Posted 2019-06-17T09:50:40.717

Reputation: 182 472
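The split the answer describes, as an added example that is not part of the answer or ufw's own code: the profile carries only title, description and ports, and the interface and peer address are attached per host when the rule is created with ufw's `app` rule syntax. The section names, the helpers `load_profiles` and `bind`, and the reading of the question's ports as destination ports are assumptions made for this example.

```python
import configparser
import shlex
ALLOWED = {"title", "description", "ports"}  # the only fields the answer lists

# Constructed profile file; section names are made up for this example.
PROFILES = """\
[MyAppInTcp]
title=MyApp inbound TCP
description=Inbound TCP listener
ports=12345/tcp
[MyAppInUdp]
title=MyApp inbound UDP
description=Inbound UDP listener
ports=54321/udp
[MyAppOut]
title=MyApp outbound
description=Outbound connections, TCP and UDP
ports=11111
"""

def load_profiles(text):
    """Map profile name -> [(ports, proto or None)]; reject unsupported fields."""
    cp = configparser.RawConfigParser()
    cp.read_string(text)
    result = {}
    for name in cp.sections():
        fields = dict(cp.items(name))
        extra = sorted(set(fields) - ALLOWED)
        if extra or "ports" not in fields:
            raise ValueError(f"[{name}] unsupported or missing fields: {extra}")
        result[name] = []
        for item in fields["ports"].split("|"):
            ports, _, proto = item.strip().partition("/")
            if proto not in ("", "tcp", "udp"):  # this example accepts only tcp/udp
                raise ValueError(f"[{name}] unknown protocol in {item!r}")
            if not proto and ("," in ports or ":" in ports):
                raise ValueError(f"[{name}] list or range {item!r} needs a protocol")
            result[name].append((ports, proto or None))  # None: both tcp and udp
    return result

def bind(app, direction, iface, peer):
    """Build the per-host ufw rule that adds interface and peer to a profile."""
    where = ["in", "on", iface, "from", peer, "to", "any"] if direction == "in" \
        else ["out", "on", iface, "to", peer]
    return shlex.join(["ufw", "allow", *where, "app", app])

if __name__ == "__main__":
    assert load_profiles(PROFILES)  # validate the file before generating rules
    for r in ("MyAppInTcp in eth0 1.1.1.1", "MyAppInUdp in eth0 2.2.2.2", "MyAppOut out eth1 3.3.3.3"):
        print(bind(*r.split()))
```

A profile applies all of its ports to every peer it is bound to, which is why the two inbound peers get separate profiles here instead of sharing one.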