From 3c342ff6fc76274074676742824f4b9d01ffa425 Mon Sep 17 00:00:00 2001
From: iamromulan <50184035+iamromulan@users.noreply.github.com>
Date: Fri, 5 Jan 2024 18:24:31 -0500
Subject: [PATCH] Update simplefirewall.sh

---
 simplefirewall/simplefirewall.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/simplefirewall/simplefirewall.sh b/simplefirewall/simplefirewall.sh
index 04af1de..47394bc 100644
--- a/simplefirewall/simplefirewall.sh
+++ b/simplefirewall/simplefirewall.sh
@@ -3,10 +3,14 @@
 # Define the ports you want to block
 PORTS=("80" "8080" "8088" "443") # Default ports, will be modified by the install script
 
-# Block specified ports on all interfaces except bridge0, eth0, and tailscale0
+# First, allow specified ports on bridge0, eth0, and tailscale0
 for port in "${PORTS[@]}"; do
- iptables -A INPUT -p tcp --dport $port -j DROP
 iptables -A INPUT -i bridge0 -p tcp --dport $port -j ACCEPT
 iptables -A INPUT -i eth0 -p tcp --dport $port -j ACCEPT
 iptables -A INPUT -i tailscale0 -p tcp --dport $port -j ACCEPT
 done
+
+# Then, block specified ports on all other interfaces
+for port in "${PORTS[@]}"; do
+ iptables -A INPUT -p tcp --dport $port -j DROP
+done
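Review bot: The new ACCEPT-then-DROP order only holds among the rules this run appends: both loops use `-A`, so anything already in INPUT is evaluated first, including DROP rules left behind by an earlier run of the previous version, and every re-run stacks duplicate rules. Keeping these rules in a dedicated chain that is flushed at the start of each run, with a single jump from INPUT, makes the order deterministic and the script safe to re-run; a sketch follows, with a placeholder chain name. Separately, the rules cover IPv4 TCP only, so if the device has IPv6 connectivity the same ports presumably stay reachable on the other interfaces unless matching `ip6tables` rules exist elsewhere. `$port` should also be quoted as `"$port"`, since the comment on PORTS says the install script rewrites that array.

```shell
# ... unchanged: PORTS definition ...

# Constructed sketch: SIMPLEFW is a placeholder chain name.
# Create the chain on first run, otherwise empty it so rules never accumulate.
iptables -N SIMPLEFW 2>/dev/null || iptables -F SIMPLEFW
# Hook the chain into INPUT exactly once, ahead of any pre-existing rules.
iptables -C INPUT -j SIMPLEFW 2>/dev/null || iptables -I INPUT 1 -j SIMPLEFW

for port in "${PORTS[@]}"; do
  for iface in bridge0 eth0 tailscale0; do
    iptables -A SIMPLEFW -i "$iface" -p tcp --dport "$port" -j ACCEPT
  done
  # Everything that did not arrive on an allowed interface is dropped.
  iptables -A SIMPLEFW -p tcp --dport "$port" -j DROP
done
```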