امنیت مبتدی

تنظیمات اولیه فایروال

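با استفاده از UFW (Uncomplicated Firewall) یک فایروال پایه را تنظیم و پیکربندی می‌کند. پورت SSH را باز می‌کند و در صورت تأیید کاربر، پورت‌های HTTP و HTTPS را نیز باز می‌کند. توجه: اسکریپت پیش از اعمال قوانین جدید، همهٔ قوانین موجود UFW را بازنشانی می‌کند (ufw --force reset).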

منتشر شده: 2024/02/20 به‌روزرسانی شده: 2024/12/01

کد

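#!/bin/bash

# Basic Firewall Setup with UFW
#
# Interactively rebuilds the UFW rule set: default-deny for incoming traffic,
# default-allow for outgoing traffic, then TCP allow rules for SSH and for any
# ports the operator selects. Must be run as root.
#
# Operational notes:
#   * "ufw --force reset" discards every existing rule and disables UFW, so all
#     answers are collected and validated BEFORE anything is changed.
#   * Enabling a default-deny firewall without a working SSH rule cuts off
#     remote administration. If any rule cannot be added the script aborts
#     instead of enabling UFW.
#   * The rules created here accept connections from any source address. To
#     tighten them afterwards, consider "ufw limit <port>/tcp" for SSH or
#     "ufw allow from <address> to any port <port> proto tcp".

# Print an error message on stderr and stop the script.
die() {
    echo "Error: $*" >&2
    exit 1
}

# Succeed only when $1 is a decimal TCP port number in the range 1-65535.
# The 10# prefix forces base 10 so that input such as "08" is not read as octal.
is_valid_port() {
    [[ "$1" =~ ^[0-9]{1,5}$ ]] && (( 10#$1 >= 1 && 10#$1 <= 65535 ))
}

if [ "$EUID" -ne 0 ]; then
    echo "Please run as root"
    exit 1
fi

echo "Setting up firewall with UFW..."
echo ""

if ! command -v ufw &> /dev/null; then
    echo "Installing UFW..."
    if ! { apt-get update && apt-get install -y ufw; }; then
        die "UFW could not be installed; no firewall changes were made."
    fi
fi

# ---- Collect and validate every answer before touching the rule set ----

read -r -p "SSH Port (default 22): " SSH_PORT
SSH_PORT=${SSH_PORT:-22}
if ! is_valid_port "$SSH_PORT"; then
    die "'$SSH_PORT' is not a valid port (1-65535); no firewall changes were made."
fi
SSH_PORT=$((10#$SSH_PORT))   # normalise, e.g. "022" -> "22"

read -r -p "Allow HTTP (80)? (y/n): " ALLOW_HTTP
read -r -p "Allow HTTPS (443)? (y/n): " ALLOW_HTTPS
read -r -p "Any additional ports to open? (comma-separated, or press Enter to skip): " ADDITIONAL_PORTS

EXTRA_PORTS=()
if [ -n "$ADDITIONAL_PORTS" ]; then
    IFS="," read -ra PORTS <<< "$ADDITIONAL_PORTS"
    for port in "${PORTS[@]}"; do
        # read with the default IFS trims surrounding blanks ("80, 443").
        read -r port <<< "$port"
        # Tolerate empty entries such as a trailing comma.
        if [ -z "$port" ]; then
            continue
        fi
        if ! is_valid_port "$port"; then
            die "'$port' is not a valid port (1-65535); no firewall changes were made."
        fi
        EXTRA_PORTS+=("$((10#$port))")
    done
fi

# ---- Apply the configuration ----

echo "Resetting UFW to defaults..."
ufw --force reset || die "UFW reset failed."

echo "Setting default policies..."
ufw default deny incoming || die "Could not set the incoming policy; UFW was not enabled."
ufw default allow outgoing || die "Could not set the outgoing policy; UFW was not enabled."

echo "✓ Default policies set"
echo ""

echo "Allowing SSH on port $SSH_PORT..."
# This rule must exist before the firewall is enabled, otherwise a remote
# session would be cut off by the default-deny policy.
ufw allow "$SSH_PORT/tcp" comment "SSH" \
    || die "SSH rule could not be added; UFW was not enabled to avoid a lockout."

if [ "$ALLOW_HTTP" = "y" ]; then
    ufw allow 80/tcp comment "HTTP" || die "HTTP rule could not be added; UFW was not enabled."
    echo "✓ HTTP allowed"
fi

if [ "$ALLOW_HTTPS" = "y" ]; then
    ufw allow 443/tcp comment "HTTPS" || die "HTTPS rule could not be added; UFW was not enabled."
    echo "✓ HTTPS allowed"
fi

for port in "${EXTRA_PORTS[@]}"; do
    ufw allow "$port/tcp" || die "Rule for port $port could not be added; UFW was not enabled."
    echo "✓ Port $port allowed"
done

echo ""
echo "Enabling UFW..."
ufw --force enable || die "UFW could not be enabled."

echo ""
echo "======================================"
echo "FIREWALL STATUS"
echo "======================================"
ufw status verbose

echo ""
echo "======================================"
echo "FIREWALL RULES"
echo "======================================"
ufw status numbered

echo ""
echo "✓ Firewall setup completed!"
echo ""
echo "To add more rules later:"
echo "  ufw allow <port>/tcp"
echo "To remove a rule:"
echo "  ufw delete <rule number>"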

نحوه استفاده

# Make the script executable, then run it as root (it exits unless EUID is 0).
# Run it from a console session where possible: it resets all existing UFW
# rules and then enables a default-deny firewall.
sudo chmod +x firewall_setup.sh
sudo ./firewall_setup.sh

# Add a rule manually (opens TCP port 8080)
sudo ufw allow 8080/tcp
# Remove that same rule again
sudo ufw delete allow 8080/tcp

# Check status
sudo ufw status

برچسب‌ها

firewall security ufw iptables port