Here’s a nice way to maintain access control for your RustDesk server using some simple bash scripts and ufw (Uncomplicated Firewall).
RustDesk requires several ports to be open. This can end up looking really messy, really quickly, when you go to view your ufw rules list.
Our first step is to define a ufw alias for RustDesk that contains all the ports.
Strong recommendation: Do not omit this step!
[RustDesk]
title=RustDesk
description=RustDesk remote desktop application
ports=21115:21119/tcp|8000/tcp|21116/udp
Reload the firewall:
sudo ufw reload
CREATING RULES
This script helps us easily add an IP address to our firewall rules (with a comment):
#!/bin/bash
# Check that we passed two arguments.
# If not, print a little help screen.
script_name=$(basename "$0")
if [ "$#" -ne 2 ]; then
    echo "---$script_name----------------------------------------"
    echo " Usage: $script_name [IP address] [comment]"
    echo ""
    echo " Example# $script_name 192.0.2.1 \"Bob's Machine\""
    echo ""
    exit 1
fi
ip="$1"
comment="$2"
# Check if the IP address is valid: four dot-separated decimal octets...
if [[ ! "$ip" =~ ^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$ ]]; then
    echo "Invalid IP address: $ip"
    exit 1
fi
# ...each in the range 0-255 (10# forces base 10 so "08" is not read as octal).
for octet in "${BASH_REMATCH[@]:1}"; do
    if (( 10#$octet > 255 )); then
        echo "Invalid IP address: $ip"
        exit 1
    fi
done
# Allow RustDesk traffic for the IP address and add a comment.
ufw allow from "$ip" to any app RustDesk comment "RustDesk-$comment"
Allows an IP address to RustDesk Server
LISTING RULES
Traditionally, we can check our entire ufw rule set with:
❯ ufw status numbered
Status: active
To Action From
-- ------ ----
[ 1] Nginx Full ALLOW IN Anywhere
[ 2] Anywhere ALLOW IN 10.23.0.2 # The "MCP"
[ 3] RustDesk ALLOW IN 10.0.0.1 # RustDesk-Backup Server
[ 4] RustDesk ALLOW IN 192.0.2.1 # RustDesk-Mary's Desktop
[ 5] Nginx Full (v6) ALLOW IN Anywhere (v6)
If you have lots of rules it can be hard to find what you’re looking for.
Here’s a script that uses grep to parse out the RustDesk ufw rules:
#!/bin/bash
ufw status numbered | grep --color=auto "RustDesk-$1"
Lists RustDesk rules with optional comment search.
Sample output:
❯ rustdesk-list
[ 3] RustDesk ALLOW IN 10.0.0.1 # RustDesk-Backup Server
[ 4] RustDesk ALLOW IN 192.0.2.1 # RustDesk-Mary's Desktop
You can also pass it an argument to refine your search:
❯ rustdesk-list "Backup Server"
[ 3] RustDesk ALLOW IN 10.0.0.1 # RustDesk-Backup Server
REMOVING RULES
OPTION 1 (Simpler)
(rustdesk-list && ufw delete #)
❯ rustdesk-list "Backup Server"
[ 3] RustDesk ALLOW IN 10.0.0.1 # RustDesk-Backup Server
❯ ufw delete 3
Deleting:
allow from 10.0.0.1 to any app RustDesk comment 'RustDesk-Backup Server'
Proceed with operation (y|n)? y
Rule deleted
OPTION 2
(rustdesk-list && rustdesk-remove)
#!/bin/bash
if [ -z "$1" ]; then
    echo "Usage: rustdesk-remove <IP address or comment>"
    exit 1
fi
# Check if argument is an IP address or comment
if [[ "$1" =~ [A-Za-z] ]]; then
    # Argument contains letters: treat it as a comment and look up the rule's IP.
    comment="$1"
    ip=$(sudo ufw status numbered | grep "$comment" | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b")
    if [ -z "$ip" ]; then
        echo "Rule not found"
        exit 1
    fi
else
    ip="$1"
fi
# Delete the UFW rule
if sudo ufw delete allow from "$ip" to any app "RustDesk"; then
    echo "Deleted RustDesk rule for IP address: $ip"
else
    echo "Failed to delete RustDesk rule for IP address: $ip"
fi
Removes a RustDesk rule by IP or comment.
Note: It will only remove RustDesk Alias Rules, not any of the other rules for your selected machine. 😎
You can then pass the script either the IP address or comment of the rule you want to remove.
Let’s search for the rule we want to delete:
❯ rustdesk-list "Mary's Desktop"
[ 3] RustDesk ALLOW IN 192.0.2.1 # RustDesk-Mary's Desktop
Delete by passing the IP:
❯ rustdesk-remove 192.0.2.1
Deleting:
allow from 192.0.2.1 to any app RustDesk comment 'RustDesk-Mary's Desktop'
Proceed with operation (y|n)? y
Rule deleted
Delete by passing part of the comment field:
❯ rustdesk-remove "Mary's Desktop"
Deleting:
allow from 192.0.2.1 to any app RustDesk comment 'RustDesk-Mary's Desktop'
Proceed with operation (y|n)? y
Rule deleted
Note that option 2 can be more dangerous if you use a comment search that hits multiple entries, and you aren’t paying attention to the confirmation.
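One way to guard against that multiple-match case, as an added example that is not part of the original post: resolve the comment search to exactly one RustDesk rule and refuse to continue otherwise. The function names `sample_status` and `resolve_rustdesk_ip` are hypothetical, and the embedded listing is constructed from the sample output above, with rule 5 invented to create an ambiguous search.

```bash
#!/bin/bash
# Added example, not the original author's script.

# Constructed sample of `ufw status numbered` output, modeled on the listing above;
# rule 5 is invented here so that a search for "Desktop" is ambiguous.
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Nginx Full                 ALLOW IN    Anywhere
[ 2] Anywhere                   ALLOW IN    10.23.0.2                  # The "MCP"
[ 3] RustDesk                   ALLOW IN    10.0.0.1                   # RustDesk-Backup Server
[ 4] RustDesk                   ALLOW IN    192.0.2.1                  # RustDesk-Mary's Desktop
[ 5] RustDesk                   ALLOW IN    198.51.100.7               # RustDesk-Bob's Desktop
EOF
}

# resolve_rustdesk_ip SEARCH  (hypothetical helper name)
# Reads `ufw status numbered` text on stdin and prints the one source IP whose
# RustDesk rule comment contains SEARCH. Returns 1 if nothing matches and 2 if
# more than one rule matches, so the caller never deletes on an ambiguous search.
resolve_rustdesk_ip() {
    local search="$1" matches count
    [ -n "$search" ] || { echo "Empty search" >&2; return 1; }
    matches=$(SEARCH="$search" awk '
        { sub(/^\[ *[0-9]+\] +/, "") }                 # drop the "[ N]" rule number
        $1 != "RustDesk" || $2 != "ALLOW" { next }     # only RustDesk app rules
        $4 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next }   # source must be an IPv4 address
        {
            i = index($0, "# RustDesk-")
            if (i == 0) next
            # Literal (non-regex) substring match against the comment text only.
            if (index(substr($0, i + 11), ENVIRON["SEARCH"]) > 0) print $4
        }' | sort -u)
    count=$(printf '%s\n' "$matches" | grep -c . || true)
    case "$count" in
        0) echo "Rule not found" >&2; return 1 ;;
        1) printf '%s\n' "$matches" ;;
        *) echo "Ambiguous: $count rules match \"$search\"; refine the search" >&2; return 2 ;;
    esac
}

# Demo on the constructed sample. On a real host, pipe in `sudo ufw status numbered`
# and pass the result to: sudo ufw delete allow from "$ip" to any app RustDesk
sample_status | resolve_rustdesk_ip "Backup Server"
sample_status | resolve_rustdesk_ip "Desktop" || echo "refused, exit code $?"
```

Because the search is matched only against the text after `# RustDesk-` on RustDesk app rules, a comment on an unrelated rule (such as rule 2 in the sample) can never supply the IP address.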