Hey!
Could you provide basic settings for ufw or other firewall in installation documentation?
Current documentation is quite vague: https://flynn.io/docs/production#firewalling because flynn contains so many internal virtual interfaces.
I just thought ufw could be could fit because the preferred distro is ubuntu.
I tried multiple different combinations but everytime postgres connections between hosts just got blocked.
This is related to my bootstrap firewall frustration: https://github.com/flynn/flynn/issues/3259.
Excelsior! I try again with those.
My problems were solved by using this one:
DEFAULT_FORWARD_POLICY="ACCEPT"
in /etc/default/ufw
. Thanks @philiplb :)!
For the sake of completion, here is replacing DEFAULT_FORWARD_POLICY from command line (without the editor):
sed -i 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/g' /etc/default/ufw
or just use:
ufw default allow routed
Hi -
this is a must for standard flynn.io documentation in my opinion!
Also, as flynn.io wants to be as easy as possible, flynn-host should recommend to automatically set up networking with ufw :)
Thank you for making flynn.io possible!
or just use:
ufw default allow routed
@Darkless012 - Isn't it this?
ufw default allow forward
Most helpful comment
https://philiplb.de/flynn/2016/04/19/flynn-ufw/