RUNLOCALAIv38
->Will it run?Best GPUCompareTroubleshootStartLearnPulseModelsHardwareToolsBench
Run check
RUNLOCALAI

Independently operated catalog for local-AI hardware and software. Hand-written verdicts. Source-cited claims. Reproducible commands when we have them.

OP·Eruo Fredoline
DIR
  • Models
  • Hardware
  • Tools
  • Benchmarks
TOOLS
  • Will it run?
  • Compare hardware
  • Cost vs cloud
  • Choose my GPU
  • Prompting kits
  • Quick answers
REF
  • All buyer guides
  • Learn local AI
  • Methodology
  • Glossary
  • Errors KB
  • Trust
EDITOR
  • About
  • Author
  • How we make money
  • Editorial policy
  • Contact
LEGAL
  • Privacy
  • Terms
  • Sitemap
MAIL · MONTHLY DIGEST
Get monthly local AI changes
Monthly recap. No spam.
DISCLOSURE

Some links on this site are affiliate links (Amazon Associates and other first-class retailers). When you buy through them, we earn a small commission at no extra cost to you. Affiliate links do not influence our verdicts — there are cards we rate highly that we don't have affiliate relationships with, and cards that sell well that we refuse to recommend. Read more →

© 2026 runlocalai.coIndependently operated
RUNLOCALAI · v38
  1. >
  2. Home
  3. /Learn
  4. /Courses
  5. /Local AI on Linux
  6. /Ch. 12
Local AI on Linux

12. Firewall and Security

Chapter 12 of 15 · 20 min
KEY INSIGHT

Docker publishes ports in iptables directly, bypassing UFW unless containers bind to 127.0.0.1 or UFW after.rules are configured.

AI inference servers expose network ports that must be protected. On a local network this matters less; on a public or shared network it matters significantly.

Check current firewall status:

sudo ufw status verbose
# Status: active
# Logging: low
# Default: deny incoming (on Any), allow outgoing (on Any)

Basic secure configuration:

sudo ufw default deny incoming
sudo ufw allow ssh
sudo ufw allow 443/tcp    # HTTPS for API access
sudo ufw allow 8080/tcp   # Only if explicitly needed, restrict to IP range
sudo ufw enable
sudo ufw status numbered

Rate limiting at the firewall prevents abuse:

sudo ufw limit 22/tcp
# Inserts a rule that drops connections if more than 5 connections
# per 30 seconds are initiated from a single IP

For the Ollama API on port 11434, restrict to your local network:

sudo ufw allow from 192.168.1.0/24 to any port 11434

Docker and UFW interaction: Docker modifies iptables directly when you publish ports with -p 80:80. UFW rules may not apply to container-published ports. Verify with:

sudo iptables -L -n | grep 11434

If the rule is not there, the container published a port that bypasses UFW. Either publish only on localhost (-p 127.0.0.1:11434:11434) or add a Docker UFW after.rules entry:

sudo nano /etc/ufw/after.rules
# Add before the final COMMIT:
# Block external access to Ollama
-A INPUT -p tcp --dport 11434 -j DROP

Fail2ban for brute force protection:

sudo apt install fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nano /etc/fail2ban/jail.local
[sshd]
enabled = true
port = ssh
maxretry = 3
bantime = 3600
findtime = 600
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
sudo fail2ban-client status

Failure mode: UFW is inactive and Docker ports are exposed publicly. nmap -p 11434 your-server-ip returns open. Fix: sudo ufw enable and publish containers on 127.0.0.1 only.

Failure mode: SSH access is blocked after enabling UFW because SSH was not allowed first. Always run sudo ufw allow ssh before sudo ufw enable. If locked out, access via console or IPMI/iDRAC/IDRAC and fix the rule.

Failure mode: Fail2ban bans the wrong IP (your own IP) because you accessed the server from a NAT gateway. Add your IP to ignoreip in jail.local: ignoreip = 127.0.0.1/8 192.168.1.0/24.

EXERCISE

Configure UFW to deny all incoming except SSH and the AI API port, install and configure fail2ban, publish the Ollama API on 127.0.0.1 only, and verify external port scans show only allowed ports.

← Chapter 11
Kernel Tuning for AI
Chapter 13 →
Remote Access Setup