This Bash script allows sysadmins and developers to easily add inbound IPv4 port rules to the iptables
configuration of an Ubuntu server. Rather than using UFW, this script directly manipulates the iptables
configuration, ensuring that new rules are inserted in the correct order to be effectively considered by the firewall.
- An Ubuntu server.
- Root or sudo access to the server.
- Clone the Gist: Download the script add_port.sh from the Gist and upload it to your server.
- Permission Assignment: Ensure the script has execute permissions by running the following command:
  chmod +x add_port.sh
- Execute the Script: Run the script with the desired port number as an argument using superuser privileges:
  sudo ./add_port.sh <port_number>
  Replace <port_number> with the actual port number you want to allow through the firewall.
- <port_number>: (Required) The port number you want to open in the firewall. Must be a valid port number (1-65535).
- The script performs a basic validation of the port number but does not check if the port is already in use or already allowed through iptables.
- Always verify the new iptables rules after applying them and ensure connectivity to avoid unintentional lockouts.
- Additional security measures (e.g., IP whitelisting) might be needed for opened ports to mitigate potential risks.
- The script assumes that the SSH rule (port 22) is present in the iptables configuration file and inserts the new rule after it. Adjust the script as needed based on your specific iptables configuration.
- Please thoroughly test the script in a secure environment before using it in production to ensure it behaves as expected.
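One way to do the verification the notes call for, as an added example that is not part of the Gist's add_port.sh: it reads a ruleset in iptables-save format and reports whether a port's ACCEPT rule is absent, present but placed after a catch-all REJECT/DROP (so never reached), or effective. The function names and the sample ruleset are constructed for illustration; on a real host, pipe in the output of `sudo iptables-save`.

```bash
#!/usr/bin/env bash
# Added example, not the Gist's code. Only plain "--dport N" rules are recognised.
# Constructed sample ruleset in iptables-save format.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m state --state NEW -m tcp --dport 9090 -j ACCEPT
COMMIT
EOF
}

# Same range the README states: digits only, 1-65535.
valid_port() {
  case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Usage: port_status PORT < ruleset
# Prints one of: invalid | missing | shadowed | effective
port_status() {
  local port="$1" line n=0 accept=0 block=0
  valid_port "$port" || { echo invalid; return 0; }
  while IFS= read -r line; do
    case "$line" in "-A INPUT "*) ;; *) continue ;; esac
    n=$((n + 1))   # position of this rule within the INPUT chain
    case "$line" in
      *"--dport $port "*"-j ACCEPT"*)   # first ACCEPT naming this port
        if [ "$accept" -eq 0 ]; then accept=$n; fi ;;
      "-A INPUT -j REJECT"*|"-A INPUT -j DROP"*)   # first unconditional block
        if [ "$block" -eq 0 ]; then block=$n; fi ;;
    esac
  done
  if [ "$accept" -eq 0 ]; then echo missing
  elif [ "$block" -ne 0 ] && [ "$block" -lt "$accept" ]; then echo shadowed
  else echo effective
  fi
}

for p in 22 8080 9090 443; do
  printf '%s: %s\n' "$p" "$(sample_rules | port_status "$p")"
done
```

A "shadowed" result is the ordering problem the script is designed to avoid: the rule exists, but a catch-all earlier in the chain handles the packet first.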
Use this script at your own risk. The author is not responsible for any network issues, lockouts, or security vulnerabilities that may arise from the use of this script.
Feel free to fork this Gist and contribute by submitting a Pull Request. Ensure that your code is clean and well-commented.