Maybe your rules are not in appropriate order. In firewalls it is important how rules are ordered. If I set 'incoming' 'Allow', then the rule for Nitroshare is redundant and I essentially have no control. I expected I could then set 'incoming' to 'Deny'. Similarly I know which IP addresses on my LAN I wish to allow to received data from/send data to and have set that address range in the rule, too. Indeed I do (think I) know what ports Nitroshare uses and have set those ports in the rule I defined for it in GUFW. I don't use it myself by I understand you could use firejail to run your app in a sandbox and deny it all network access. For added piece of mind you can restrict that access to incoming from your LAN only or from specific IPs on your LAN.įor your other application unless you be sure of what ports it uses and that those ports are only used by the application GUFW/UFW isn't the tool you need. Similarly how do I create a rule which will prevent ‘outgoing’ for one specific app when the guidance in GUFW suggests that for most users of GUFW, ‘outgoing’ can be ‘allowed’.įor Nitroshare if you know what ports it's using you can specify a specific inbound rule allowing traffic on that port. How do I change that so only Nitroshare-asssociated transfers are permitted? to/from any IP, on any port, before transfer on Nitroshare will work. That is, I have to allow all incoming/outgoing transfers, from any app. But try as I might with a rule, transfers via Nitroshare are prevented if either inbound or outbound is set to ‘deny’ at the ‘global’ level. I also thought these ‘global’ settings could by over-ruled by creating a, well, rule. I now realise that the meaning is the complete opposite. ‘go’) data transfer (in or out) and red meant ‘deny’ (i.e. Then I thought that green meant ‘allow’ (i.e. Deny a commercial, non-FOSS application I use, under Linux, to manage my financial data from ‘phoning home’ - as I have now learned that this software is developed in a country which is notorious for creating malware.Īt first I thought the red and green colours on the GUFW icon were merely part of the design of the icon. Nitroshare to work effectively between the Linux and Windows machines on my network (and, yes, I am aware that a Firewall is not necessary on the Linux machines behind my NAT router) 2). Specifically there are 2 objectives I wish to achieve: 1). I just cannot make sense of GUFW and would appreciate a pointer to an effective learning source (i.e.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |