Simplifying (I hope) UFW and iptables for folks and serving as a reference for myself
Beware! You're entering the ....
Everything in /applications.d goes into /etc/ufw/applications.d.
You'll need to change the owner to root.
I've provided two scripts so you can easily run one depending on your
location; public or not public. Comment and uncomment as needed for what
you want to expose to the LAN and interwebs. You will need to run this
with superuser rights.
Edit the rules in the LAN area to reflect the subnet of your LAN, obvs.
You can use something like my [network control manager](https://github.com/uriel1998/networkcontrol-wicd-networkmanager)
to configure which script is called.
This is a script to automate the downloading, cleaning, and
implementation of blocklists for IPTABLES to protect your computer or
server from IPs associated with bad things like malware, child
pornography, web exploits, and the like. I mean, if someone's gone to
the bother to collect these blocklists, we might as well use them for
legit purposes, right?
It can be used without my UFW script, but you'll want to uncomment the
last two lines. You will need to run this with superuser rights.
Prerequisites: IPSET, which should be available for your distribution.