I am using UFW with a default logging policy of "low".
I would like to keep this logging on for the default deny action, but disable it for a particular IP address only.
I've recently noticed a large number of recurring UFW blocks in my syslog.
With UFW, I disabled all outgoing and ingoing traffic by default. However, I do allow port 80 in and out:
sudo ufw default deny incoming (deny all incoming)
sudo ufw default deny outgoing (deny all outgoing)
sudo ufw allow in 80/tcp (accept all incoming tcp from port 80)
sudo ufw allow out 80/tcp (accept all outgoing tcp to port 80)
Yet, the following commands don't seem to work.
I run a web server (Debian Squeeze on a VPS), and the graphs provided by the hosting company show consistently that around twice as much traffic is incoming to the server compared to the outgoing traffic.
I am pretty much a newbie to Linux. As most of the computers for resources in my school use Linux, I just installed Ubuntu to learn.
By default, iptables and ufw set the policy as follows:
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
ufw default deny (default incoming).
In both cases, all Linux distros trust all applications, including famous ftp, smtp, SSH, mail and all others allo
I understand that somebody would want to block incoming traffic as a general rule except for public resources. And I also understand that you could want to block all outgoing traffic except for certain external services.
But is there any serious security risk if I allow incoming traffic that represents responses to previous outgoing traffic, e.g. HTTP requests?
I just enabled the ufw firewall with gufw and the terminal, and the status is:
active
allow outgoing
deny incoming
profile skips
Do these default settings affect my YouTube, Java applets, music, chats, Facebook, etc.? Can I forget it and do my normal stuff? As my firewall blocks all incoming, does that mean I can't download music, etc.?
Does anyone have a recommended program that will help me restrict outgoing traffic on my Ubuntu Server to 50KB/sec per IP?
I have found alternatives, but they seem to only work on e.g. HTTP (port 80) and so on (I think Squid only works with HTTP). I want a program that restricts all forms of outgoing traffic on all ports to max 50KB/sec per IP.
I am looking for an SMTP proxy to install on our gateway which should monitor outgoing SMTP traffic to identify the source of recently occurring spam attacks from our network.
It would be enough if this could log all outgoing mails, no actual filtering must be done as I'm going to do this manually.
Also, is it possible to monitor smtps ports 465 and 587 or is it necessary to completely block these