zias/omarchy
1
0
Fork 0
mirror of https://github.com/basecamp/omarchy.git synced 2026-02-17 15:25:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9dcc6f0aec7582718478bb0dbb616c54ec317791
omarchy/install/checks/firewall.sh
Ryan Hughes 9dcc6f0aec Add omarchy-doctor checks
2025-09-28 00:45:37 -04:00

22 lines
1.1 KiB
Bash
Raw Blame History

OMARCHY_DESCRIPTION="Firewall Configuration"
omarchy_verify() {
# Check if UFW is enabled
sudo ufw status | grep -q "Status: active" || add_error "UFW firewall not active"
# Check if UFW service is enabled
systemctl is-enabled ufw &>/dev/null || add_error "UFW service not enabled"
# Check default policies - they're on one line as "Default: deny (incoming), allow (outgoing), deny (routed)"
sudo ufw status verbose | grep -q "Default:.*deny (incoming)" || add_error "UFW default incoming policy not set to deny"
sudo ufw status verbose | grep -q "Default:.*allow (outgoing)" || add_error "UFW default outgoing policy not set to allow"
# Check specific rules are present
sudo ufw status numbered | grep -q "53317/udp" || add_error "LocalSend UDP port 53317 not allowed"
sudo ufw status numbered | grep -q "53317/tcp" || add_error "LocalSend TCP port 53317 not allowed"
sudo ufw status numbered | grep -q "22/tcp" || add_error "SSH port 22 not allowed"
# Check Docker DNS rule
sudo ufw status numbered | grep -q "allow-docker-dns" || add_error "Docker DNS rule not configured"
}
Reference in New Issue View Git Blame Copy Permalink