Ubuntu default Firewall UFW Settings

2025-03-29 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

1. Installation

sudo apt-get install ufw

2. Enable

sudo ufw enable

sudo ufw default deny

After running the above two commands, the firewall is on and starts automatically when the system boots. All external access to this machine is blocked, while outbound connections from this machine work normally.

3. Allow/Deny

sudo ufw allow|deny [service]

Open or close a port, for example:

sudo ufw allow smtp    # Allow all external IPs to access port 25/tcp (smtp) on this machine

sudo ufw allow 22/tcp    # Allow all external IPs to access port 22/tcp (ssh)

sudo ufw allow 53    # Allow external access to port 53 (tcp/udp)

sudo ufw allow from 192.168.1.100    # Allow this IP to access all ports on this machine

sudo ufw allow proto udp from 192.168.0.1 port 53 to 192.168.0.2 port 53    # Allow UDP from 192.168.0.1 port 53 to 192.168.0.2 port 53

sudo ufw deny smtp    # Prohibit external access to the smtp service

sudo ufw delete allow smtp    # Delete a rule created above

4. View firewall status

sudo ufw status

For general users, only the following settings are needed:

sudo apt-get install ufw

sudo ufw enable

sudo ufw default deny

The above three commands are safe enough. If you need to open some services, use sudo ufw allow.
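A check for the resulting posture, as an added example that is not part of the original article: the function reads the text of `sudo ufw status verbose` and reports whether the firewall is active, whether the default incoming policy blocks traffic, and which allow rules accept any source address. The function names and the sample status text are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): audit `ufw status verbose` text.

# audit_ufw: read status text on stdin, print one finding per line.
audit_ufw() {
    awk '
    /^Status:/  { status = $2 }
    /^Default:/ { incoming = $2 }   # first policy on the line is the incoming one
    # Rule rows look like "<To>  ALLOW IN  <From>"; flag rows whose From is Anywhere.
    / ALLOW( IN)? +Anywhere/ {
        to = $0
        sub(/ +ALLOW.*/, "", to)    # keep only the To column
        open[++n] = to
    }
    END {
        closed = (incoming == "deny" || incoming == "reject")
        if (status != "active") print "FAIL firewall is not active"
        if (!closed)
            print "FAIL default incoming policy is " (incoming == "" ? "unknown" : incoming)
        for (i = 1; i <= n; i++) print "OPEN " open[i] " reachable from any address"
        if (status == "active" && closed && n == 0)
            print "OK active, incoming blocked by default, nothing open to Anywhere"
    }'
}

# Constructed sample: status text as it would look after the allow rules in section 3.
sample_status() {
    cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
25/tcp                     ALLOW IN    Anywhere
22/tcp                     ALLOW IN    Anywhere
53                         ALLOW IN    Anywhere
Anywhere                   ALLOW IN    192.168.1.100
192.168.0.2 53/udp         ALLOW IN    192.168.0.1 53/udp
EOF
}

# On a live host: sudo ufw status verbose | audit_ufw
sample_status | audit_ufw
```

Rules restricted to a source address, such as the 192.168.1.100 entry, are not flagged; only rows whose From column is Anywhere are listed as OPEN.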

Turn firewall on/off (default setting is 'disable')

sudo ufw enable|disable

Toggle logging

sudo ufw logging on|off

Set default policies (e.g. "mostly open" vs "mostly closed")

sudo ufw default allow|deny

Allow or block ports (see the list of services in "status"). A service name that exists in /etc/services can be specified as "protocol:port" or via the package's meta-data. The 'allow' argument adds entries to /etc/ufw/maps, whereas 'deny' does the opposite. The basic syntax is as follows:

sudo ufw allow|deny [service]

Displays the status of the firewall and of listening ports; see /var/lib/ufw/maps. Numbers in parentheses will not be displayed.

sudo ufw status

Examples of UFW use:

Allow port 53

$ sudo ufw allow 53

Close port 53 again (delete the allow rule)

$ sudo ufw delete allow 53

Allow port 80

$ sudo ufw allow 80/tcp

Close port 80 again (delete the allow rule)

$ sudo ufw delete allow 80/tcp

Allow the smtp port

$ sudo ufw allow smtp

Remove the allow rule for the smtp port

$ sudo ufw delete allow smtp

Allow a specific IP

$ sudo ufw allow from 192.168.254.254

Delete the rule above

$ sudo ufw delete allow from 192.168.254.254
