Banana Pi BPI-M1 – uncomplicated firewall (ufw) for an S3-compatible object storage server with MinIO on Armbian Bullseye

root@bpi-iot-jsho-minio-01:~# apt-get install ufw
Paketlisten werden gelesen… Fertig
Abh▒ngigkeitsbaum wird aufgebaut… Fertig
Statusinformationen werden eingelesen… Fertig
Die folgenden NEUEN Pakete werden installiert:
ufw
0 aktualisiert, 1 neu installiert, 0 zu entfernen und 0 nicht aktualisiert.
Es m▒ssen 167 kB an Archiven heruntergeladen werden.
Nach dieser Operation werden 857 kB Plattenplatz zus▒tzlich benutzt.
Holen:1 http://deb.debian.org/debian bullseye/main armhf ufw all 0.36-7.1 [167 k B]
Es wurden 167 kB in 0 s geholt (456 kB/s).
Preconfiguring packages …
Vormals nicht ausgew▒hltes Paket ufw wird gew▒hlt.
(Lese Datenbank … 39605 Dateien und Verzeichnisse sind derzeit installiert.)
Vorbereitung zum Entpacken von …/archives/ufw_0.36-7.1_all.deb …
Entpacken von ufw (0.36-7.1) …
ufw (0.36-7.1) wird eingerichtet …

Creating config file /etc/ufw/before.rules with new version

Creating config file /etc/ufw/before6.rules with new version

Creating config file /etc/ufw/after.rules with new version

Creating config file /etc/ufw/after6.rules with new version
Created symlink /etc/systemd/system/multi-user.target.wants/ufw.service -> /lib/systemd/system/ufw.service.
Trigger f▒r rsyslog (8.2102.0-2) werden verarbeitet …
Trigger f▒r man-db (2.9.4-2) werden verarbeitet …

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw allow 22
Rules updated
Rules updated (v6)

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To Action From
— —— —-
22 ALLOW IN Anywhere
22 (v6) ALLOW IN Anywhere (v6)

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# cat /proc/sys/net/ipv4/ip_local_port_range
32768 60999

root@bpi-iot-jsho-minio-01:~# ufw allow proto tcp from 192.168.1.0/24 to any port 9000:9010
Rule added

root@bpi-iot-jsho-minio-01:~# ufw allow proto tcp from 192.168.1.0/24 to any port 32768:60999
Rule added

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To Action From
— —— —-
22 ALLOW IN Anywhere
32768:60999/tcp ALLOW IN 192.168.1.0/24
9000:9010/tcp ALLOW IN 192.168.1.0/24
22 (v6) ALLOW IN Anywhere (v6)

root@bpi-iot-jsho-minio-01:~#

This entry was posted on Freitag, Dezember 17th, 2021 at 14:46 and is filed under Administration, MinIO S3 Storage. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

You must be logged in to post a comment.

IT Solutions Technology Blog

Banana Pi BPI-M1 – uncomplicated firewall (ufw) for an S3-compatible object storage server with MinIO on Armbian Bullseye

Creating config file /etc/ufw/before.rules with new version

Creating config file /etc/ufw/before6.rules with new version

Creating config file /etc/ufw/after.rules with new version

root@bpi-iot-jsho-minio-01:~# ufw allow 22
Rules updated
Rules updated (v6)

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To Action From
— —— —-
22 ALLOW IN Anywhere
22 (v6) ALLOW IN Anywhere (v6)

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# cat /proc/sys/net/ipv4/ip_local_port_range
32768 60999

root@bpi-iot-jsho-minio-01:~# ufw allow proto tcp from 192.168.1.0/24 to any port 9000:9010
Rule added

root@bpi-iot-jsho-minio-01:~# ufw allow proto tcp from 192.168.1.0/24 to any port 32768:60999
Rule added

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To Action From
— —— —-
22 ALLOW IN Anywhere
32768:60999/tcp ALLOW IN 192.168.1.0/24
9000:9010/tcp ALLOW IN 192.168.1.0/24
22 (v6) ALLOW IN Anywhere (v6)

root@bpi-iot-jsho-minio-01:~#

Leave a Reply

Banana Pi BPI-M1 – uncomplicated firewall (ufw) for an S3-compatible object storage server with MinIO on Armbian Bullseye

Creating config file /etc/ufw/before.rules with new version

Creating config file /etc/ufw/before6.rules with new version

Creating config file /etc/ufw/after.rules with new version

root@bpi-iot-jsho-minio-01:~# ufw allow 22 Rules updated Rules updated (v6) root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw enable Command may disrupt existing ssh connections. Proceed with operation (y|n)? y Firewall is active and enabled on system startup root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw status verbose Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), disabled (routed) New profiles: skip

To Action From — —— —- 22 ALLOW IN Anywhere 22 (v6) ALLOW IN Anywhere (v6)

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# cat /proc/sys/net/ipv4/ip_local_port_range 32768 60999

root@bpi-iot-jsho-minio-01:~# ufw allow proto tcp from 192.168.1.0/24 to any port 9000:9010 Rule added

root@bpi-iot-jsho-minio-01:~# ufw allow proto tcp from 192.168.1.0/24 to any port 32768:60999 Rule added

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw status verbose Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), disabled (routed) New profiles: skip

To Action From — —— —- 22 ALLOW IN Anywhere 32768:60999/tcp ALLOW IN 192.168.1.0/24 9000:9010/tcp ALLOW IN 192.168.1.0/24 22 (v6) ALLOW IN Anywhere (v6)

root@bpi-iot-jsho-minio-01:~#

Leave a Reply

root@bpi-iot-jsho-minio-01:~# ufw allow 22
Rules updated
Rules updated (v6)

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup

root@bpi-iot-jsho-minio-01:~#

root@bpi-iot-jsho-minio-01:~# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To Action From
— —— —-
22 ALLOW IN Anywhere
22 (v6) ALLOW IN Anywhere (v6)

root@bpi-iot-jsho-minio-01:~# cat /proc/sys/net/ipv4/ip_local_port_range
32768 60999

root@bpi-iot-jsho-minio-01:~# ufw allow proto tcp from 192.168.1.0/24 to any port 9000:9010
Rule added

root@bpi-iot-jsho-minio-01:~# ufw allow proto tcp from 192.168.1.0/24 to any port 32768:60999
Rule added

root@bpi-iot-jsho-minio-01:~# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To Action From
— —— —-
22 ALLOW IN Anywhere
32768:60999/tcp ALLOW IN 192.168.1.0/24
9000:9010/tcp ALLOW IN 192.168.1.0/24
22 (v6) ALLOW IN Anywhere (v6)