diff --git a/seqs/ufw.sh b/seqs/ufw.sh
index 3074b2f..c47f638 100755
--- a/seqs/ufw.sh
+++ b/seqs/ufw.sh
@@ -57,16 +57,33 @@ step_22() {
 exe ufw deny in from $1 to 239.0.0.0/8 comment 'Broadcast Fritzbox'
 }
-step_24_info() { echo "Allow cifs mounts [FILE SERVER IP|RANGE]"; }
+step_24_info() {
+ echo "Allow cifs mounts on eth0 to [PORT]"
+ echoinfo " [PORT] (default 445)"
+ echoinfo " 139 : Cifs version 1.0"
+ echoinfo " 445 : Cifs version 2.0+"
+}
 step_24_alias() { ALIAS="cifs"; }
 step_24() {
 shift
 local destIp=$1
- endReturn -o $? "No IP provided"
+ local ipregex='^[0-2]*[0-9]{1,2}\.[0-2]*[0-9]{1,2}\.[0-2]*[0-9]{1,2}\.[0-2]*[0-9]{1,2}\/*[0-9]*$'
+ endCheckEmpty destIp "No IP provided"
+ if [[ ! $1 =~ $ipregex ]]; then
+ echoseq " [E] No valid IP provided"
+ return 1
+ fi
+ local destPort=445
+ case "$2" in
+ 139|445)
+ destPort=$2;;
+ "");; # Set default
+ *)
+ echoerr " [E] Invalid port."
+ return 1;;
+ esac
- exe ufw allow out on eth0 to $destIp port 139 proto tcp comment "samba/cifs"
- # Allow cifs mounts from IP addresses for newer cifs versions
- exe ufw allow out on eth0 to $destIp port 445 proto tcp comment "samba/cifs"
+ exe ufw allow out on eth0 to $destIp port $destPort proto tcp comment "samba/cifs"
 }
 step_26_info() { echo "Basic secure VPN setup"; }
@@ -83,7 +100,7 @@ step_26() {
 # Allow access to socks proxy dante
 exe ufw allow in on eth0 to any port 1080 comment "socks5 proxy danted"
 # Allow access to http proxy privoxy
- exe ufw allow in on eth0 to any port 8118 comment "http proxy privoxy"
+ #exe ufw allow in on eth0 to any port 8118 comment "http proxy privoxy"
 exe ufw enable
 exe ufw status verbose
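Review bot: The `ipregex` check added to step_24 is looser than its "No valid IP" message implies: `[0-2]*[0-9]{1,2}` accepts octets such as `299` or `22299`, and the trailing `\/*[0-9]*` accepts `10.0.0.1//` or a `/99` prefix, so malformed addresses still reach the `ufw allow out` line. A bounded pattern is a better gate for a value that ends up in a firewall rule, for example `local ipregex='^((25[0-5]|2[0-4][0-9]|1?[0-9]{1,2})\.){3}(25[0-5]|2[0-4][0-9]|1?[0-9]{1,2})(/(3[0-2]|[12]?[0-9]))?$'`. The new step_24_info text also drops the IP argument, which is still the first parameter the step requires; `echo "Allow cifs mounts on eth0 to [IP|RANGE] [PORT]"` would keep the help accurate. The two error paths use different helpers (`echoseq` for the IP, `echoerr` for the port); using the same one for both would keep the output consistent.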
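Review bot: The privoxy rule in step_26 is commented out rather than removed, and no reason is given, so the remaining `# Allow access to http proxy privoxy` line now describes nothing active. Either delete both lines or replace them with a why-comment such as `# privoxy (8118) intentionally not exposed: <reason>`. ufw rules persist across runs, so a host that already executed this step presumably keeps the 8118 allow rule unless it is removed explicitly, e.g. `exe ufw delete allow in on eth0 to any port 8118`. step_26 begins and ends outside this hunk, so confirm whether an earlier reset already covers that case.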