Page 1 of 1

Dietpi Firewall

Posted: Sun Mar 08, 2020 12:56 am
by midacts
Is there some kind of firewall running on DietPi?

i've ran this and new records get added later automatically:

```bash
iptables-legacy -P INPUT ACCEPT
iptables-legacy -P FORWARD ACCEPT
iptables-legacy -P OUTPUT ACCEPT
iptables-legacy -t nat -F
iptables-legacy -t mangle -F
iptables-legacy -F
iptables-legacy -X
```

I'm trying to run K3S and host services, but i can't connect to the nodeport externally (but i can hit the port if i ssh into the host itself).
Firewall related : [

Re: Dietpi Firewall

Posted: Sun Mar 08, 2020 1:17 am
by Joulinar
by default, DietPi did not contain a Firewall. Thinks like this would need to be installed by the user.

Re: Dietpi Firewall

Posted: Sun Mar 08, 2020 3:25 am
by midacts
Not really sure but i have it working.
Maybe something else was going on.

Re: Dietpi Firewall

Posted: Mon Mar 09, 2020 4:34 am
by WarHawk
Honestly the easiest way to setup a "stateful" firewall with pinholes for SSH and (insert other services here) would be to install UFW

https://www.digitalocean.com/community/ ... oud-server
By default the above install allows all out, and blocks all in except port 22 for ssh and those that have been initiated from the machine itself), simple commands allow whatever you want thru from then