Yunohost firewall command line examples?

I am trying to limit the access to a yunohost installation by ip. I first tried to install ufw and set up the commands that I know to restrict access to a few ips. But it did not have any effect. Then I found that there is a yunohost firewall command but there was not much documentation. Using --help did not give many options.

With ufw you can do what I want easily with

sudo ufw default deny incoming && sudo ufw default allow outgoing
sudo ufw allow from 1.1.1.1

How can this be achieved with the Yunohost firewall?

And is there somewhere a documentation about all the yunohost command line commands? Thanks a lot!

Uh you can’t really do this with yunohost’s firewall, it’s pretty “basic” and only able to allow/deny ports…

But it can be extended using some iptables commands to add whatever you want … You’ll need to create a custom hook called post_iptable_rules :

nano /etc/yunohost/hooks.d/post_iptable_rules/my_custom_rules

then the content you put in it is a bash script where you can put arbitrary commands executed each the firewall is regenerated

OK, I understand, thanks. Another workaround that seems to work fine, that I tried now, is using the /etc/hosts.allow (with sshd: 1.1.1.1 or other ips) and /etc/hosts.deny (with sshd: all)