I often need to allow some randomly selected port to be open (tcp & udp) in the Uncomplicated Firewall (UFW), while some app is active. Then I’d like to close it. The port number is written in a file, say portfile.

At the moment I’m doing this manually: read the number, then call sudo ufw allow xxxx/tcp in a terminal. Later on, delete the port rule with sudo ufw delete [rulenumber].

I’m trying to write a bash script to do this in a more automated way. It’s easy to read the number from the file as a variable, then call ufw with that number (provided the script is started as sudo).

What’s not clear to me is how to delete the UFW rule once the application is closed. I could start the app within the bash script itself. Maybe it’d just be a matter of waiting for it to finish?

I’m very thankful for suggestions and ideas – and learning more about bash tricks :)
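
The flow the post describes (read the port from portfile, open it, wait for the app, close it), as an added example that is not part of the original post. `UFW_CMD` and the function names are this example's own assumptions; rules are removed by specification (`ufw delete allow PORT/PROTO`) instead of by rule number, and the file content is validated before it reaches a root command.

```shell
#!/usr/bin/env bash
# Usage (as root): ./with-port.sh portfile app [args...]
# UFW_CMD is an assumption of this example: it lets a stub stand in for
# ufw so the logic can be exercised without root.
UFW_CMD=${UFW_CMD:-ufw}

# Print the port stored in file $1; fail unless it is a plain 1-65535 number.
read_port() {
    local port=
    read -r port < "$1" || [ -n "$port" ] || return 1
    case $port in
        ''|0*|*[!0-9]*) return 1 ;;   # empty, leading zero, or non-digits
    esac
    [ "${#port}" -le 5 ] && [ "$port" -le 65535 ] || return 1
    printf '%s\n' "$port"
}

# Delete by rule spec, so no rule number has to be looked up.
close_port() {
    "$UFW_CMD" delete allow "$1/tcp"
    "$UFW_CMD" delete allow "$1/udp"
}

# Open the port, run the app in the foreground, close the port afterwards.
with_port_open() {
    local port status=0
    port=$(read_port "$1") || { echo "no valid port in $1" >&2; return 2; }
    shift
    # Clean up even when the script is interrupted or terminated.
    trap "close_port $port" EXIT
    trap 'exit 130' INT TERM
    "$UFW_CMD" allow "$port/tcp"
    "$UFW_CMD" allow "$port/udp"
    "$@" || status=$?          # blocks until the app exits
    close_port "$port"
    trap - EXIT INT TERM
    return "$status"
}

if [ "$#" -gt 0 ]; then
    with_port_open "$@"
    exit
fi
```

The app runs in the foreground, so waiting for it to finish is just the shell blocking on that command; the traps cover the case where the script is stopped before it gets to the cleanup line.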

  • Ŝan • 𐑖ƨɤ@piefed.zip
    2 days ago

    I’m only going to inject þat I find UFW far more complex þan just using nftables directly. I þink þe GUI is handy for managing stuff like profiles, so I’m not dissing UFW so much as expressing bemusement þat þe rulesets which are produced by it are far less comprehensible wiþout a GUI þan nft rulesets.

    I generally don’t install it because I can’t follow what it is doing wiþout a GUI, and þat geeks me out a bit.