 efaaea3bae
			
		
	
	efaaea3bae
	
	
	
		
			
			- Added UCXL validator implementation with error codes and response codes - Created Docker-based development environment - Implemented frontend browser interface with TypeScript/React - Added backend validation service in Python - Created comprehensive UCXL browser specification and validation tools 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
		
			
				
	
	
		
			60 lines
		
	
	
		
			2.6 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
			
		
		
	
	
		
	
	
	
	
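#!/bin/bash
#
# Rebuild the host's ufw rule set from scratch: deny inbound by default, open
# SSH/HTTP/HTTPS to any source, and restrict every other service to the LAN
# or to named cluster peers.
#
# Usage: run from an account with sudo rights (each command is run via sudo).
#
# NOTE(review): ports published by Docker containers are normally handled by
# Docker's own iptables rules rather than by ufw, so this rule set should not
# be assumed to cover them. Check what the Docker daemon exposes separately.

# Stop on the first failed command. Without this, a failed "allow" (the SSH
# rule in particular) would still be followed by "ufw enable" with a
# default-deny inbound policy, which can cut off remote access.
set -euo pipefail

# Source range treated as the trusted LAN by the LAN-only rules below.
readonly LAN="192.168.1.0/24"

#######################################
# Allow one port from the LAN range only.
# Globals:   LAN (read)
# Arguments: $1 - port number
#            $2 - protocol (tcp or udp)
#            $3 - rule comment stored by ufw
# Returns:   exit status of the ufw call
#######################################
allow_lan() {
  local port=$1
  local proto=$2
  local note=$3
  sudo ufw allow from "$LAN" to any port "$port" proto "$proto" comment "$note"
}

# Reset firewall to a clean state.
# "reset" also disables ufw, so the host is not filtered by ufw from here
# until "ufw enable" at the end of the script.
sudo ufw --force reset

# Set default policies
sudo ufw default deny incoming
sudo ufw default allow outgoing

# Enable IPv6 (if used).
# With IPv6 on, the any-source rules below (22, 80, 443) apply to IPv6 too;
# the LAN and peer rules are IPv4 sources only.
sudo sed -i 's/IPV6=no/IPV6=yes/' /etc/default/ufw

# Enable SSH (required for remote access).
# NOTE(review): this opens SSH to every source. If that is wider than needed,
# consider "ufw limit 22/tcp" or restricting the source range.
sudo ufw allow 22/tcp comment "SSH access"

# Web services (accessible to public)
sudo ufw allow 80/tcp comment "HTTP web traffic"
sudo ufw allow 443/tcp comment "HTTPS web traffic"

# LAN-only ports
allow_lan 8080 tcp "Web UI (possibly internal service)"
allow_lan 8188 tcp "LAN-only service (e.g. streaming or local API)"
# The original script added this same 9090/tcp rule a second time further
# down with a different comment; it is kept once here.
allow_lan 9090 tcp "Cockpit system management"
# NOTE(review): Ollama's API has no built-in authentication, so this rule is
# the access control for it; keep it LAN-scoped.
allow_lan 11434 tcp "Ollama / custom local AI inference port"
allow_lan 2377 tcp "Docker Swarm manager traffic (TCP)"
allow_lan 4789 udp "Docker Swarm overlay networking (UDP)"
allow_lan 7946 udp "Docker Swarm node discovery (UDP)"
allow_lan 7946 tcp "Docker Swarm cluster communication (TCP)"
allow_lan 24800 tcp "Barrier / Synergy keyboard/mouse sharing"
allow_lan 3000 tcp "Web dashboard or Grafana-style service"

# Samba (SMB) - LAN only
allow_lan 445 tcp "SMB file sharing"
allow_lan 139 tcp "NetBIOS Session (SMB)"
allow_lan 137 udp "NetBIOS Name Service"
allow_lan 138 udp "NetBIOS Datagram Service"

# Cluster peer access (custom IPs).
# NOTE(review): these rules allow every port and protocol from each peer, so
# the per-port LAN rules add nothing for these four hosts. Narrow them to the
# cluster ports if full access is not required.
sudo ufw allow from 192.168.1.72 comment "ACACIA cluster peer"
sudo ufw allow from 192.168.1.113 comment "IRONWOOD cluster peer"
sudo ufw allow from 192.168.1.132 comment "ROSEWOOD cluster peer"
sudo ufw allow from 192.168.1.27 comment "WALNUT cluster peer"

# VNC (LAN only)
allow_lan 5900 tcp "VNC screen sharing"
allow_lan 5901 tcp "VNC second session"

# mDNS (LAN only – optional)
allow_lan 5353 udp "mDNS / Avahi for local service discovery"

# Enable UFW.
# Left without --force on purpose: ufw asks for confirmation before enabling,
# which is the last chance to stop before the new rules take effect.
sudo ufw enable

# Status check
sudo ufw status verbose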