I have a laptop I take with me that has UFW. I want to allow Syncthing from my home subnet and another place. Is there a way I can do that without allow from anywhere?
Additionally, is the default ufw allow service-name/port, where it allows from anywhere, insecure? Like, does it open the port to the internet, for anyone to see or connect to?
Either use bare wireguard or netbird/zerotier/tailscale.
Yes, it will be accessible on the local network if incoming connections to your port are not blocked by a local AP or switch, and from the internet if incoming connections to you are also not blocked at the router.
It’s generally a bad practice to expose apps (syncthing, etc) directly to the internet with
allow from anywhererules, but it’s not an issue for services like wireguard and ssh when used properly.