From cc81a7ccfe26747f9461d4a7c1dc4634cab239d6 Mon Sep 17 00:00:00 2001 From: Stefan-Code Date: Sat, 7 Nov 2015 15:56:01 +0100 Subject: [PATCH] added ufw firewall application preset (fixes #2435) --- .gitignore | 1 + build.go | 4 ++++ etc/firewall-ufw/README.md | 21 +++++++++++++++++++++ etc/firewall-ufw/syncthing | 4 ++++ 4 files changed, 30 insertions(+) create mode 100644 etc/firewall-ufw/README.md create mode 100644 etc/firewall-ufw/syncthing diff --git a/.gitignore b/.gitignore index b3c49ab8d..b17e7f042 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ syncthing +!etc/firewall-ufw/syncthing !gui/syncthing !Godeps/_workspace/src/github.com/syncthing syncthing.exe diff --git a/build.go b/build.go index 54d22b6fb..adfce1805 100644 --- a/build.go +++ b/build.go @@ -315,6 +315,7 @@ func buildDeb() { {src: "man/syncthing-versioning.7", dst: "deb/usr/share/man/man7/syncthing-versioning.7", perm: 0644}, {src: "etc/linux-systemd/system/syncthing@.service", dst: "deb/lib/systemd/system/syncthing@.service", perm: 0644}, {src: "etc/linux-systemd/user/syncthing.service", dst: "deb/usr/lib/systemd/user/syncthing.service", perm: 0644}, + {src: "etc/firewall-ufw/syncthing", dst: "deb/etc/ufw/applications.d/syncthing", perm: 0644}, } for _, file := range listFiles("extra") { @@ -343,6 +344,8 @@ Description: Open Source Continuous File Synchronization -- Jakob Borg {{date}} ` + conffiles := "/etc/ufw/applications.d/syncthing\n" + control = strings.Replace(control, "{{arch}}", debarch, -1) control = strings.Replace(control, "{{version}}", version[1:], -1) changelog = strings.Replace(changelog, "{{arch}}", debarch, -1) @@ -353,6 +356,7 @@ Description: Open Source Continuous File Synchronization ioutil.WriteFile("deb/DEBIAN/control", []byte(control), 0644) ioutil.WriteFile("deb/DEBIAN/compat", []byte("9\n"), 0644) ioutil.WriteFile("deb/DEBIAN/changelog", []byte(changelog), 0644) + ioutil.WriteFile("deb/DEBIAN/conffiles", []byte(conffiles), 0644) } diff --git a/etc/firewall-ufw/README.md b/etc/firewall-ufw/README.md new file mode 100644 index 000000000..1a00236ac --- /dev/null +++ b/etc/firewall-ufw/README.md @@ -0,0 +1,21 @@ +Uncomplicated FireWall application preset +=================== +Installation +----------- +**Please note:** When you installed syncthing using the official deb package, you can skip the copying. + +Copy the file `syncthing` to your ufw applications directory usually located at `/etc/ufw/applications.d/`. (root permissions required). + +Then run +``` +sudo ufw app update syncthing +``` +to load the preset. +To allow the syncthing ports, run: +``` +sudo ufw allow syncthing +``` +You can also verify the opened ports: +``` +sudo ufw status verbose +``` diff --git a/etc/firewall-ufw/syncthing b/etc/firewall-ufw/syncthing new file mode 100644 index 000000000..1aeada11f --- /dev/null +++ b/etc/firewall-ufw/syncthing @@ -0,0 +1,4 @@ +[syncthing] +title=Syncthing +description=Syncthing file synchronisation +ports=22000/tcp|21027/udp