1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-12-22 07:17:05 +00:00

open the firewall to an alternative SSH port if set

https://discourse.mailinabox.email/t/opening-up-a-custom-port-for-ssh-after-install/55/2
This commit is contained in:
Joshua Tauberer 2014-09-20 08:25:54 -04:00
parent 98651deea4
commit dd91553689

View File

@ -35,8 +35,22 @@ if [ -z "$DISABLE_FIREWALL" ]; then
# Various virtualized environments like Docker and some VPSs don't provide
# a kernel that supports iptables. To avoid error-like output in these cases,
# let us disable the firewall.
apt_install ufw
ufw_allow ssh;
# ssh might be running on an alternate port. Use sshd -T to dump sshd's
# settings, find the port it is supposedly running on, and open that port
# too.
SSH_PORT=$(sshd -T 2>/dev/null | grep "^port " | sed "s/port //")
if [ ! -z "$SSH_PORT" ]; then
if [ "$SSH_PORT" != "22" ]; then
echo Opening alternate SSH port $SSH_PORT.
ufw_allow $SSH_PORT;
fi
fi
ufw --force enable;
fi