Posted a new guide in my sovereign-linux-tools repo. The short version: most nodes I've seen have no firewall configured at all. Default Linux accepts connections on every port.
The guide covers:
- Default policies (deny incoming is the only sane starting point)
- Exactly which ports to expose: 8333 for Bitcoin P2P, 9735 for LND P2P
- What to never expose: RPC (8332), LND gRPC (10009), REST (8080)
- SSH tunnel pattern for remote gRPC access instead of opening the port
- Rate limiting + Fail2ban on Ubuntu 24 (there's a known issue with banaction that breaks banning after enabling UFW)
- nmap audit command to verify what's actually visible from outside
All commands are copy-paste ready, tested on Ubuntu 24 LTS.
Repo: https://github.com/shadowbipnode/sovereign-linux-tools
Feedback welcome β especially if you run a different stack (CLN, Umbrel, etc.) and the port list needs expanding.
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments