From c4fee21a4f2ceb02c09a32b7e1ccbc22984dd3c1 Mon Sep 17 00:00:00 2001
From: rob
Date: Mon, 17 Jul 2023 00:57:31 -0400
Subject: [PATCH] deny modified to `insert 1`
This change puts deny rules at the top of the rule table to guarnatee they execute first and deny before other rules might allow.
---
 src/methods/Deny.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/methods/Deny.ts b/src/methods/Deny.ts
index fd1cd12..4abafa9 100644
--- a/src/methods/Deny.ts
+++ b/src/methods/Deny.ts
@@ -10,7 +10,7 @@ async function port(port: number, protocol?: PortProtocol) {
 let checkPort = checkAppropriatePort(port);
 if (!checkPort) return false;
- let command = await runCommand(`echo "y" | sudo ufw ${shouldDryRunDuringTesting} deny ${port}${protocol ? `/${protocol}` : ""}`);
+ let command = await runCommand(`echo "y" | sudo ufw ${shouldDryRunDuringTesting} insert 1 deny ${port}${protocol ? `/${protocol}` : ""}`);
 return command ? isAddedOrUpdated(command) : false;
 } catch (err) {
 throw err;
@@ -32,7 +32,7 @@ async function address(address: string, port?: number, protocol?: PortProtocol)
 if (!checkPort) return false;
 };
- let command = await runCommand(`echo "y" | sudo ufw ${shouldDryRunDuringTesting} deny from ${address} ${port ? `to any port ${port}` : ""} ${protocol ? `proto ${protocol}` : ""}`);
+ let command = await runCommand(`echo "y" | sudo ufw ${shouldDryRunDuringTesting} ufw insert 1 deny from ${address} ${port ? `to any port ${port}` : ""} ${protocol ? `proto ${protocol}` : ""}`);
 return command ? isAddedOrUpdated(command) : false;
 } catch (err) {
 throw err;
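Review bot: The `insert 1` added to the `port()` command is position-based, and as far as I know ufw rejects it with an invalid-position error while the rule table is still empty, so the first deny on a fresh host may never be installed. The caller would then only see whatever `runCommand` and `isAddedOrUpdated` make of that output. ufw 0.36 and later has `prepend`, which puts the rule ahead of all others of its IP family without needing an existing position; consider `sudo ufw ${shouldDryRunDuringTesting} prepend deny ${port}` here, or retry with a plain `deny` when the insert is refused. The function's `try` opens above the hunk and its `catch` closes below it, so error handling could not be checked in full.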
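Review bot: The added line in `address()` carries a stray second `ufw` (`sudo ufw ${shouldDryRunDuringTesting} ufw insert 1 deny from ...`), so ufw receives `ufw` as its subcommand and will presumably reject the call, leaving the address unblocked. Drop the extra token so the command reads `sudo ufw ${shouldDryRunDuringTesting} insert 1 deny from ${address} ...`, matching the `port()` hunk; a test asserting the exact command string under dry-run would catch this class of typo. The empty-table concern raised on the `port()` hunk applies here too, and `insert 1` may also be refused for an IPv6 source when IPv4 rules occupy the first positions. `address` is interpolated into a sudo shell string and any validation sits above the hunk, so confirm it is checked as an IP or CIDR before this line.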