Ubuntu – UFW firewall rules for transmission-daemon on ubuntu 20.XX

Tags: bittorrent, firewall, Ubuntu, ufw, vps

I have got Transmission running on an Ubuntu 20.XX VPS and I can log into the web interface at MYIP:9091/ to manage the files.

I am using ufw firewall. I have added these rules to allow the following ports:

  • 22/tcp (OpenSSH) ALLOW IN Anywhere
  • 20/tcp ALLOW IN Anywhere
  • 21/tcp ALLOW IN Anywhere
  • 40000:50000/tcp ALLOW IN Anywhere
  • 990/tcp ALLOW IN Anywhere
  • 6688/tcp ALLOW IN Anywhere
  • 28967/tcp ALLOW IN Anywhere
  • 9091 ALLOW IN Anywhere
  • 5432 on eth1 ALLOW IN Anywhere
  • 9091/tcp ALLOW IN Anywhere
  • 22/tcp ALLOW IN Anywhere
  • 2222 ALLOW IN Anywhere
  • 80/tcp ALLOW IN Anywhere
  • 80 ALLOW IN Anywhere
  • 443/tcp ALLOW IN Anywhere
  • 443 ALLOW IN Anywhere
  • 6000:6003/tcp ALLOW IN Anywhere
  • 6000:6003/udp ALLOW IN Anywhere
  • 49152:65535/udp ALLOW IN Anywhere
  • 49152:65535/tcp ALLOW IN Anywhere
  • 9091/udp ALLOW IN Anywhere
  • 22/tcp (OpenSSH (v6)) ALLOW IN Anywhere (v6)
  • 20/tcp (v6) ALLOW IN Anywhere (v6)
  • 21/tcp (v6) ALLOW IN Anywhere (v6)
  • 40000:50000/tcp (v6) ALLOW IN Anywhere (v6)
  • 990/tcp (v6) ALLOW IN Anywhere (v6)
  • 6688/tcp (v6) ALLOW IN Anywhere (v6)
  • 28967/tcp (v6) ALLOW IN Anywhere (v6)
  • 9091 (v6) ALLOW IN Anywhere (v6)
  • 5432 (v6) on eth1 ALLOW IN Anywhere (v6)
  • 9091/tcp (v6) ALLOW IN Anywhere (v6)
  • 22/tcp (v6) ALLOW IN Anywhere (v6)
  • 2222 (v6) ALLOW IN Anywhere (v6)
  • 80/tcp (v6) ALLOW IN Anywhere (v6)
  • 80 (v6) ALLOW IN Anywhere (v6)
  • 443/tcp (v6) ALLOW IN Anywhere (v6)
  • 443 (v6) ALLOW IN Anywhere (v6)
  • 6000:6003/tcp (v6) ALLOW IN Anywhere (v6)
  • 6000:6003/udp (v6) ALLOW IN Anywhere (v6)
  • 49152:65535/udp (v6) ALLOW IN Anywhere (v6)
  • 49152:65535/tcp (v6) ALLOW IN Anywhere (v6)
  • 9091/udp (v6) ALLOW IN Anywhere (v6)

When I do sudo ufw enable, the Transmission web interface is no longer available. When I then do sudo ufw disable, it's back again, so it's a ufw problem.

Any ideas what ports I'm missing or what is misconfigured?

Best Answer

It seems you've enabled everything. Could you check whether Transmission has the AppArmor configuration and whether port 9091 is allowed?

If you have any HTTP daemon (apache/nginx), you can configure it to proxy-pass to your Transmission port; it should work, as the HTTP daemon has the AppArmor.

When you enable the firewall, is port 22 accessible? Maybe flush the UFW configuration and add only 80/443 and then 9091; it should give you a hint where the problem is.
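
An added example (not part of the original question or answer, and not UFW's own code): a small Python audit of a rule list in the format shown in the question. It reports whether a port is admitted by the listed user rules and which entries are redundant, which is a useful inventory before rebuilding a minimal ruleset as the answer suggests. The names `Rule`, `parse_rules`, `covers`, `allowed` and `redundant` are illustrative, the default interface `eth0` is an assumption, and only `ALLOW IN ... Anywhere` user rules are modelled (no default policy or before/after rules).

```python
import re
from typing import NamedTuple, Optional

# Constructed sample: a subset of the rule list from the question, same text format.
SAMPLE = """\
22/tcp (OpenSSH) ALLOW IN Anywhere
9091 ALLOW IN Anywhere
5432 on eth1 ALLOW IN Anywhere
9091/tcp ALLOW IN Anywhere
22/tcp ALLOW IN Anywhere
49152:65535/tcp ALLOW IN Anywhere
9091/udp ALLOW IN Anywhere
9091/tcp (v6) ALLOW IN Anywhere (v6)
"""

class Rule(NamedTuple):
    lo: int
    hi: int
    proto: Optional[str]   # None means both tcp and udp
    iface: Optional[str]   # None means any interface
    v6: bool

RULE_RE = re.compile(
    r"^\W*(\d+)(?::(\d+))?(?:/(tcp|udp))?"      # port or range, optional protocol
    r"(?: \(.*?\))*"                            # "(OpenSSH)", "(v6)" annotations
    r"(?: on (\S+))?\s+ALLOW IN\s+Anywhere")    # optional interface, then action

def parse_rules(text):
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line)
        if m:
            lo = int(m.group(1))
            rules.append(Rule(lo, int(m.group(2) or lo), m.group(3), m.group(4), "(v6)" in line))
    return rules

def covers(a, b):
    """True if rule a admits every packet that rule b admits."""
    return (a.v6 == b.v6 and a.lo <= b.lo and b.hi <= a.hi
            and a.proto in (None, b.proto) and a.iface in (None, b.iface))

def allowed(rules, port, proto, iface="eth0", v6=False):
    return any(covers(r, Rule(port, port, proto, iface, v6)) for r in rules)

def redundant(rules):
    """Rules already implied by a broader rule or by an earlier identical one."""
    return [b for i, b in enumerate(rules)
            if any(covers(a, b) and (a != b or j < i)
                   for j, a in enumerate(rules) if j != i)]
```

On the sample, 9091/tcp is admitted by the listed rules, and the `9091/tcp`, second `22/tcp` and `9091/udp` entries are reported as redundant.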