Here’s a nice way to maintain access control for your RustDesk server, using some simple bash scripts and ufw (Uncomplicated Firewall).
RustDesk requires several ports to be open. This can get messy quickly when you view your ufw rules list.
Our first step is to define a ufw alias for RustDesk that contains all the ports.
Strong recommendation: Do not omit this step!
[RustDesk]
title=RustDesk
description=RustDesk remote desktop application
ports=21115:21119/tcp|8000/tcp|21116/udp
Reload the firewall:
sudo ufw reload
CREATING RULES
This script helps us to easily add an IP address to our firewall rules (with a comment):
#!/bin/bash
# Check that we passed two arguments.
# If not, print a little help screen.
script_name=$(basename "$0")
if [ "$#" -ne 2 ]; then
    echo "---$script_name----------------------------------------"
    echo " Usage: $script_name [IP address] [comment]"
    echo ""
    echo " Example# $script_name 192.0.2.1 \"Bob's Machine\""
    echo ""
    exit 1
fi
ip="$1"
comment="$2"
# Check if the IP address is valid (dotted-quad format only;
# octet ranges are not checked here).
if [[ ! "$ip" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
    echo "Invalid IP address: $ip"
    exit 1
fi
# Allow RustDesk traffic for the IP address and add a comment.
ufw allow from "$ip" to any app RustDesk comment "RustDesk-$comment"
Allows an IP address to the RustDesk server.
LISTING RULES
Traditionally, we can check our entire ufw rule set with:
❯ ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Nginx Full                 ALLOW IN    Anywhere
[ 2] Anywhere                   ALLOW IN    10.23.0.2                  # The "MCP"
[ 3] RustDesk                   ALLOW IN    10.0.0.1                   # RustDesk-Backup Server
[ 4] RustDesk                   ALLOW IN    192.0.2.1                  # RustDesk-Mary's Desktop
[ 5] Nginx Full (v6)            ALLOW IN    Anywhere (v6)
If you have lots of rules it can be hard to find what you’re looking for.
Here’s a script that uses grep to parse out the RustDesk ufw rules:
#!/bin/bash
ufw status numbered | grep --color=auto "RustDesk-$1"
Lists RustDesk rules with optional comment search.
Sample output:
❯ rustdesk-list
[ 3] RustDesk ALLOW IN 10.0.0.1 # RustDesk-Backup Server
[ 4] RustDesk ALLOW IN 192.0.2.1 # RustDesk-Mary's Desktop
You can also pass it an argument to refine your search:
❯ rustdesk-list "Backup Server"
[ 3] RustDesk ALLOW IN 10.0.0.1 # RustDesk-Backup Server
REMOVING RULES
OPTION 1 (Simpler)
(rustdesk-list && ufw delete #)
❯ rustdesk-list "Backup Server"
[ 3] RustDesk ALLOW IN 10.0.0.1 # RustDesk-Backup Server
❯ ufw delete 3
Deleting:
allow from 10.0.0.1 to any app RustDesk comment 'RustDesk-Backup Server'
Proceed with operation (y|n)? y
Rule deleted
OPTION 2
(rustdesk-list && rustdesk-remove)
#!/bin/bash
# Require one argument: an IP address or (part of) a rule comment.
if [ -z "$1" ]; then
    echo "Usage: rustdesk-remove <IP address or comment>"
    exit 1
fi
# Check if argument is an IP address or comment
if [[ "$1" =~ [A-Za-z] ]]; then
    comment=$1
    # Look up the IP address of the rule whose line contains the comment text.
    ip=$(sudo ufw status numbered | grep "$comment" | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b")
    if [ -z "$ip" ]; then
        echo "Rule not found"
        exit 1
    fi
else
    ip=$1
fi
# Delete the UFW rule
if sudo ufw delete allow from "$ip" to any app "RustDesk"; then
    echo "Deleted RustDesk rule for IP address: $ip"
else
    echo "Failed to delete RustDesk rule for IP address: $ip"
fi
Removes a RustDesk rule by IP or comment.
Note: It will only remove RustDesk alias rules, not any of the other rules for your selected machine.
You can then pass the script either the IP address or comment of the rule you want to remove.
Let’s search for the rule we want to delete:
❯ rustdesk-list "Mary's Desktop"
[ 3] RustDesk ALLOW IN 192.0.2.1 # RustDesk-Mary's Desktop
Delete by passing the IP:
❯ rustdesk-remove 192.0.2.1
Deleting:
allow from 192.0.2.1 to any app RustDesk comment 'RustDesk-Mary's Desktop'
Proceed with operation (y|n)? y
Rule deleted
Delete by passing part of the comment field:
❯ rustdesk-remove "Mary's Desktop"
Deleting:
allow from 192.0.2.1 to any app RustDesk comment 'RustDesk-Mary's Desktop'
Proceed with operation (y|n)? y
Rule deleted
Note that option 2 can be more dangerous if you use a comment search that hits multiple entries, and you aren’t paying attention to the confirmation.
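One way to close off that multiple-match case is to resolve the search term to exactly one RustDesk alias rule before calling ufw delete, and to refuse when the term is ambiguous. This is an added example, not part of the original post: the function names, the exit-status convention and the 198.51.100.7 "Mary's Laptop" rule are made up for illustration.

```bash
#!/bin/bash
# Added example (not the post's code): one search term -> exactly one rule.
# True only for a dotted-quad IPv4 address with every octet in 0-255.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++)
              if ($i !~ /^[0-9][0-9]?[0-9]?$/ || $i + 0 > 255) exit 1 }'
}

# stdin: `ufw status numbered`. Prints the From column of RustDesk rules whose comment contains $1.
rustdesk_match_ips() {
    SEARCH="$1" awk '
        /^\[ *[0-9]+\] +RustDesk +ALLOW IN / {
            hash = index($0, "# ")                   # start of the comment
            if (!hash || !index(substr($0, hash + 2), ENVIRON["SEARCH"])) next
            n = split(substr($0, 1, hash - 1), f, " ")
            print f[n]                               # last column = From
        }'
}

# Status: 0 = one match (IP printed), 1 = none or invalid, 2 = ambiguous.
rustdesk_resolve_ip() {
    local ips
    [ -n "$1" ] || return 1
    ips=$(rustdesk_match_ips "$1" | sort -u)
    [ -n "$ips" ] || return 1
    [ "$(printf '%s\n' "$ips" | grep -c .)" -eq 1 ] || return 2
    valid_ipv4 "$ips" || return 1
    printf '%s\n' "$ips"
}

# Hypothetical replacement for the comment branch of rustdesk-remove.
rustdesk_remove_safe() {
    local ip rc=0
    ip=$(sudo ufw status numbered | rustdesk_resolve_ip "$1") || rc=$?
    [ "$rc" -eq 0 ] || { echo "No single RustDesk rule matches: $1" >&2; return "$rc"; }
    sudo ufw delete allow from "$ip" to any app RustDesk
}

# Constructed sample input (rules from the listing above plus one invented rule).
sample_status() {
    cat <<'EOF'
[ 2] Anywhere                   ALLOW IN    10.23.0.2                  # The "MCP"
[ 3] RustDesk                   ALLOW IN    10.0.0.1                   # RustDesk-Backup Server
[ 4] RustDesk                   ALLOW IN    192.0.2.1                  # RustDesk-Mary's Desktop
[ 5] RustDesk                   ALLOW IN    198.51.100.7               # RustDesk-Mary's Laptop
EOF
}
```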