Uncomplicated Firewall Rules - ufw
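# Office 365 SMTP submission (smtp.office365.com, TCP 587).
# The ranges below are a partial snapshot (IPv4 and IPv6) taken from
# https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges
# The published list changes over time, so re-check it before relying on
# these rules.

# Refuse unsolicited inbound connections to local port 587.
# NOTE(review): assumes this host only submits mail as a client and does not
# run its own submission service -- confirm.
sudo ufw reject in 587

# Outbound allow rules for the Office 365 endpoints.
# The previous form, `allow from 127.0.0.1 port 587 to <range> port 587`, had
# no direction, so ufw treated it as an inbound rule. It also required a
# loopback source address and source port 587, whereas a submission connection
# leaves from the host's routable address on an ephemeral source port. Those
# rules therefore never matched the traffic they were meant to permit.
# These rules only have an effect when the default outgoing policy is deny or
# reject (check with `sudo ufw status verbose`). The IPv6 entries need IPv6
# enabled in ufw (IPV6=yes in /etc/default/ufw).
for o365_range in \
  13.107.9.152/31 \
  13.107.18.10/31 \
  13.107.19.10/31 \
  13.107.128.0/22 \
  23.103.160.0/20 \
  23.103.224.0/19 \
  40.96.0.0/13 \
  40.104.0.0/15 \
  52.96.0.0/14 \
  111.221.112.0/21 \
  131.253.33.215/32 \
  132.245.0.0/16 \
  134.170.68.0/23 \
  150.171.32.0/22 \
  157.56.232.0/21 \
  157.56.240.0/20 \
  191.232.96.0/19 \
  191.234.6.152/32 \
  191.234.140.0/22 \
  204.79.197.215/32 \
  206.191.224.0/19 \
  2603:1006::/40 \
  2603:1016::/40 \
  2603:1026::/40 \
  2603:1026:200::/39 \
  2603:1026:400::/39 \
  2603:1026:600::/44 \
  2603:1026:620::/44 \
  2603:1026:800::/44 \
  2603:1026:820::/45 \
  2603:1036::/39 \
  2603:1036:200::/40 \
  2603:1036:400::/40 \
  2603:1036:600::/40 \
  2603:1036:800::/38 \
  2603:1036:c00::/40 \
  2603:1046::/37 \
  2603:1046:900::/40 \
  2603:1056::/40 \
  2603:1056:400::/40 \
  2603:1056:600::/40 \
  2603:1096::/38 \
  2603:1096:400::/40 \
  2603:1096:600::/40 \
  2603:1096:a00::/39 \
  2603:1096:c00::/40 \
  2603:10a6:200::/40 \
  2603:10a6:400::/40 \
  2603:10a6:600::/40 \
  2603:10a6:800::/40 \
  2603:10d6:200::/40 \
  2620:1ec:4::152/128 \
  2620:1ec:4::153/128 \
  2620:1ec:c::10/128 \
  2620:1ec:c::11/128 \
  2620:1ec:d::10/128 \
  2620:1ec:d::11/128 \
  2620:1ec:8f0::/46 \
  2620:1ec:900::/46 \
  2620:1ec:a92::152/128 \
  2620:1ec:a92::153/128 \
  2a01:111:f400::/48
do
  sudo ufw allow out proto tcp to "$o365_range" port 587
done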
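# Cloudflare edge ranges allowed to reach the local web ports (http and https).
# The ranges are a snapshot of https://www.cloudflare.com/ips/ and that list
# changes over time, so refresh it before relying on these rules.
#
# The allowlist only restricts access when the default incoming policy is deny
# (or reject) and no broader rule already opens 80/443 to everyone; check with
# `sudo ufw status verbose`. The ranges are shared by every Cloudflare
# customer, so this narrows exposure of the origin but does not by itself
# authenticate requests.
#
# The https rules previously stopped at 188.114.96.0/20, leaving three IPv4
# ranges and every IPv6 range allowed on http only. Both ports now get the
# same set of ranges, in the same order as before (all http rules, then https).
for web_port in http https; do
  for cf_range in \
    103.21.244.0/22 \
    103.22.200.0/22 \
    103.31.4.0/22 \
    104.16.0.0/12 \
    108.162.192.0/18 \
    131.0.72.0/22 \
    141.101.64.0/18 \
    162.158.0.0/15 \
    172.64.0.0/13 \
    173.245.48.0/20 \
    188.114.96.0/20 \
    190.93.240.0/20 \
    197.234.240.0/22 \
    198.41.128.0/17 \
    2400:cb00::/32 \
    2405:8100::/32 \
    2405:b500::/32 \
    2606:4700::/32 \
    2803:f800::/32 \
    2c0f:f248::/32 \
    2a06:98c0::/29
  do
    sudo ufw allow from "$cf_range" to any port "$web_port"
  done
done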
# https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges
# https://www.cloudflare.com/ips/