1

I've been looking around for a solution to specify ufw firewallrules for a specific program. I found out that using the applications.d should do the trick.

However, upon adding the rules to the firewall, the firewall opens the port for all applications.

Basically I'm denying both incoming and outgoing on ufw, and then add the following to a file called OVPN in the applications.d directory

[OVPN]
title=Ovpn
description=Ovpn client
ports=53,1194,1195/udp|53,443,7505/tcp

I can't figure out why this opens the port for all programs on the computer..

Anybody got any suggestions?

Adam Larsson
  • 21
  • 1
  • 4
  • Hello, it is not clear what you mean with " this opens the port for all programs on the computer". Does it means you can access the open ssh server on port 22 (for example)? – pa4080 Nov 21 '19 at 05:18
  • What do OP expect? application.d is for daemons to put their script here, so user can use `sudo ufw allow APPNAME` as shortcut to allow incoming connection. – Alvin Liang Nov 21 '19 at 05:46
  • @pa4080 no, but all apps can use port 443 for example – Adam Larsson Nov 21 '19 at 06:13
  • @Alvin Liang the issue is that other apps can also use the ports I opened for OVPN. – Adam Larsson Nov 21 '19 at 06:14
  • Of course, this only controls iptables INPUT rules. There's no differences between "this app" and "other apps". – Alvin Liang Nov 21 '19 at 06:25
  • Hi, @AdamLarsson, the ports are not dedicated to any app, but if one app listen to a certain port no other app can use it. So I think everything is all right. – pa4080 Nov 21 '19 at 06:25
  • Oh, I c, I thought the ufw was like firewalls for Windows, that you could specify what apps that are allowed thru. Isn't that possible at all? – Adam Larsson Nov 21 '19 at 06:40
  • Possibly related: [Is there any Application level firewall for Ubuntu 16.04? (with GUI)](https://askubuntu.com/questions/917575/is-there-any-application-level-firewall-for-ubuntu-16-04-with-gui) – steeldriver Nov 21 '19 at 11:52

0 Answers0