Server exposed to the internet

I have a computer that I use as a server for various… services.
One of them on port 8083
the others, for example one, port 3000, 22, etc.
How should I configure the firewall (or which one do you recommend for manjaro?) to prevent unwanted access?
For ex.
I only want port 3000 to be accessible from the local internal network, also 22 just for local network, and 8083 from internet.
Thank you

The principles discussed in [root tip] [How To] Set up your own SSH service will be of help to understand how to do it.

1 Like

Hi @9acca9,

Personally, I recommend firewalld:

…although I’ve only ever used the now discontinued shorewall. Unless that was taken up by someone new.

I’ve also heard people raving about ufw:

…but to me, it’s the opposite of its name and I’ve never been able to get it.

Hope this helps!

The easy way is to not expose the complete server, but only expose one port of your server. This can be done inside your router.

This is called port forwarding

Then the router will only allow incoming connections from the internet to go to your server at this special port.

(your internet IP , Port 8083) → (your server, Port 8083)

This way it is also possible to change the number of the port
(your internet IP , Port 8080) → (your server, Port 8083)