Hello from Australia,
I made up this handy script to make your firewall setup a breeze! It’s super straightforward and ensures all the essential ports are good to go.
I’ve tested it on NixOS, Fedora, Mint, and now BigLinux, so it should work like a charm for you too.
Give it a spin and let me know how it goes. Your feedback helps me keep making improvements!
Cheers, Tolga
#!/bin/bash
# tolga erok
# samba and firewall setup
# Define allowed TCP ports
allowedTCPPorts=(
    21          # FTP
    53          # DNS
    80          # HTTP
    443         # HTTPS
    143         # IMAP
    389         # LDAP
    139         # Samba
    445         # Samba
    25          # SMTP
    22          # SSH
    5432        # PostgreSQL
    3306        # MySQL/MariaDB
    3307        # MySQL/MariaDB
    111         # NFS
    2049        # NFS
    2375        # Docker remote API (plain TCP, no TLS)
    22000       # Syncthing
    9091        # Transmission
    60450       # Transmission
    80          # Gnomecast server
    8010        # Gnomecast server
    8888        # Gnomecast server
    5357        # wsdd: Samba
    1714:1764   # Open KDE Connect (uses the whole 1714-1764 range)
    8200        # Teamviewer
)
# Define allowed UDP ports
allowedUDPPorts=(
    53          # DNS
    137         # NetBIOS Name Service
    138         # NetBIOS Datagram Service
    3702        # wsdd: Samba
    5353        # Device discovery
    21027       # Syncthing
    22000       # Syncthing
    8200        # Teamviewer
    1714:1764   # Open KDE Connect (uses the whole 1714-1764 range)
)
# Update package repositories
echo "Updating package repositories..."
sudo pacman -Syu
# Install Samba and CIFS utilities
echo "Installing Samba and CIFS utilities..."
sudo pacman -S --noconfirm samba cifs-utils
# Start and enable Samba service
echo "Starting and enabling Samba service..."
sudo systemctl start smb.service
sudo systemctl enable smb.service
# Open ports in the firewall
echo "Opening ports in the firewall..."
for port in "${allowedTCPPorts[@]}"; do
    sudo ufw allow "$port/tcp"
done
for port in "${allowedUDPPorts[@]}"; do
    sudo ufw allow "$port/udp"
done
# Specific rules for UDP ports 137 and 138, and TCP ports 139 and 445
sudo ufw allow 137/udp
sudo ufw allow 138/udp
sudo ufw allow 139/tcp
sudo ufw allow 445/tcp
# Reload the firewall for changes to take effect, not sure if this works on arch, but it does on fedora
sudo ufw reload
echo "Firewall, Samba and CIFS setup completed!"
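
A check worth running alongside a broad allow-list like the one above, as an added example that is not part of the original post: it parses `ss -tuln` output and lists the allowed ports that have no network-reachable listener, so those rules can be dropped. The function names and the sample `ss` output are constructed for illustration; the port lists are the single ports from the script.

```shell
#!/bin/sh
# Added example, not part of the original post: report which allow-listed
# ports have no non-loopback listener, so the matching ufw rule can be dropped.

# Single ports from the script's lists (duplicate 80 and KDE Connect entries omitted).
TCP_PORTS="21 53 80 443 143 389 139 445 25 22 5432 3306 3307 111 2049 2375 22000 9091 60450 8010 8888 5357 8200"
UDP_PORTS="53 137 138 3702 5353 21027 22000 8200"

# listening_ports PROTO: read `ss -tuln` output on stdin and print the local
# port of each PROTO (tcp|udp) socket that is reachable from the network.
listening_ports() {
    awk -v proto="$1" '
        $1 == proto && ($2 == "LISTEN" || $2 == "UNCONN") &&
        $5 !~ /^(127\.|\[::1\])/ {       # loopback-only sockets need no rule
            n = split($5, part, ":")     # port follows the last ":" (IPv4 and IPv6)
            print part[n]
        }' | sort -un
}

# unused_ports PROTO "PORTS": read `ss -tuln` output on stdin and print the
# ports from PORTS that nothing reachable is listening on.
unused_ports() {
    listening=$(listening_ports "$1")
    out=""
    for port in $2; do
        printf '%s\n' "$listening" | grep -qx "$port" || out="$out $port"
    done
    echo "${out# }"
}

# Constructed sample of `ss -tuln` output (not captured from a real host).
sample_ss() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:137        0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:138        0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:5353       0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      50     0.0.0.0:445        0.0.0.0:*
tcp   LISTEN 0      50     [::]:139           [::]:*
tcp   LISTEN 0      80     127.0.0.1:3306     0.0.0.0:*
EOF
}

echo "TCP rules with no listener: $(sample_ss | unused_ports tcp "$TCP_PORTS")"
echo "UDP rules with no listener: $(sample_ss | unused_ports udp "$UDP_PORTS")"
# On a live system: ss -tuln | unused_ports tcp "$TCP_PORTS"
```

In the sample, MySQL is bound to 127.0.0.1 only, so 3306 is reported as not needing a firewall rule even though a service is running.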