Update firewall rules

New PR from main branch b/c idk how to git Add firewall rules and enable firewall as a matter of security best practice. Add command to log in as new jackal user and update wording to match
2023-04-22 18:32:19 -05:00 · 2023-04-22 18:32:19 -05:00 · 237c4af1ac
commit 237c4af1ac
parent 3f002c5257
1 changed files with 55 additions and 1 deletions
--- a/docs/nodes/1_install.md
+++ b/docs/nodes/1_install.md
@ -9,6 +9,56 @@ There are a few things needed before installing.

 While logged in as the 'root' or 'admin' user, we add a 'jackal' user and give them root privileges.

+### Enable Firewall Rules
+Enabling the firewall is important to ensure your hardware remains secure. The following commands will add rules required for access on both validators and providers:
+
+```sh
+sudo ufw allow 22
+sudo ufw allow 80
+sudo ufw allow 443
+```
+
+Additional ports are required if you are running a validator:
+
+```sh
+sudo ufw allow 26657
+sudo ufw allow 26658
+```
+
+The only additional port required for a provider is 3333:
+
+```sh
+sudo ufw allow 3333
+```
+
+If you are running a combined validator/provider, you need to allow all of the above ports. After adding ports to the rules list, you will need to start the firewall:
+
+```sh
+sudo ufw enable
+```
+
+After starting the firewall, verify all of the required rules are in place by running:
+
+```sh
+sudo ufw status verbose
+```
+
+Your output should be similar to the following:
+
+```sh
+Status: active
+
+To                         Action      From
+--                         ------      ----
+22                         ALLOW       Anywhere
+80                         ALLOW       Anywhere
+443                        ALLOW       Anywhere
+1317                       ALLOW       Anywhere
+3333                       ALLOW       Anywhere
+26657                      ALLOW       Anywhere
+26658                      ALLOW       Anywhere
+```
+
 ### Create Jackal user

 ```sh
@ -16,7 +66,11 @@ sudo adduser --gecos "" jackal
 sudo usermod -aG sudo jackal
 ```

-Re-log in as the jackal user to complete the below steps. 
+Log in as the jackal user to complete the below steps:
+
+```sh
+sudo su - jackal
+```

 ### Installing required tools
 This will install the necessary tools to build the jackal chain source, along with lz4 compression tool and jquery tool.