How can I change my firewall settings in dependency of my network environment?

Question

I need ports open at home for syncthing, but want incoming connections blocked when on any other network. How do I do this with Ubuntu?

Without this feature I quite often end up turning off the laptop at home with the firewall off, then turning the laptop on at say work and having it connect automatically to a network where I wanted the firewall on, leaving a window of extra vulnerability while I get the firewall turned back on. Not ideal!

Prompted by: https://askubuntu.com/a/688912/79266

I'm currently using gufw. See also https://help.ubuntu.com/community/Gufw

P.S. Windows can do this.

AN example: sudo ufw allow from 15.15.15.0/24 to any port 873 or $ sudo ufw allow from 192.168.1.215 proto udp to any port 88 specifying a protocol — George Udosen, May 10 '17 at 20:42
Neat, thanks @George, Though home is 192.* which sometimes matches other networks (on my todo list). — Tim Abell, May 11 '17 at 09:18
firewalld + https://apps.ubuntu.com/cat/applications/saucy/firewall-applet/ seems to be the answer I was after. https://askubuntu.com/a/406784/79266 — Tim Abell, Jul 03 '17 at 22:06

score 0 · Answer 1 · answered May 11 '17 at 09:39

Solution would be:

Identify the network address for your home network or any other you want to associate a port with.

Tell ufw to allow traffic from that network via that port like so:

sudo ufw allow from 15.15.15.0/24 to any port 873

# another example

sudo ufw allow from 192.168.1.215 proto udp to any port 88

Note:

The ports chosen are purely imaginary pick that which fits your setup, same situation for network address.

How can I change my firewall settings in dependency of my network environment?

1 Answers1