diff --git a/ufw_shared_ipv4.sh b/ufw_shared_ipv4.sh
new file mode 100755
index 0000000..997d296
--- /dev/null
+++ b/ufw_shared_ipv4.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+
+set -eEuxo pipefail
+
+
+if (( ${#} != 1 )); then
+  echo "Usage: $(basename "${BASH_SOURCE[0]}") INTERFACE" >&2
+  exit 1
+fi
+
+interface="${1}"
+any_ipv4="0.0.0.0/0"
+subnet="10.42.0.0/24"
+gateway="10.42.0.1"
+
+ufw allow in on "${interface}" from "${any_ipv4}" port bootpc to "${any_ipv4}" port bootps
+ufw allow in on "${interface}" from "${subnet}" to "${gateway}" port domain
+ufw route allow in on "${interface}" from "${subnet}" to "${any_ipv4}"