In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-02-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/03 Report--
I operate under root. Ordinary users need sudo permission.
Ufw disable shuts down
Ufw enable is enabled
This file closes ipv6.
/ etc/default/ufw
View Rul
Ufw status
Example of adding a rule:
Ufw default allow outgoing ufw default deny incoming ufw default deny closes all external access ports ufw allow ssh ufw allow 22 ufw allow 80/tcp ufw allow http/tcp ufw allow 1725/udp ufw allow 25:29/udp ufw allow from 123.45.67.89 ufw allow from 123.45 .67.89 24 ufw allow from 123.45.67.89 to any port 22 proto tcp sudo ufw allow from 192.168.1.1 allow this IP access to all native ports sudo ufw deny proto tcp from 10.0.0.0port 8 to 192.168.0.1 port 22 to deny all TCP traffic from 10.0.0.0Comp8 to port 22 at 192.168.0.1 address
= =
Log directory: vim / var/log/ufw.log
Sudo ufw logging on startup log
Sudo ufw logging off closes the log
Sudo ufw logging low | medium | high
Sep 16 15:08:14 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=0.0.0.0 DST=0.0.0.0 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=8475 PROTO=TCP SPT=485 DPT=22 WINDOW=1024 RES=0x00 SYN URGP=0
The previous value lists the date, time, and hostname of your server. The remaining important information includes: [UFW BLOCK]: this is where the description of the recorded event begins. In this case, it means that the connection is blocked. IN: if it contains a value, it means that the event is the incoming event OUT: if it contains a value, then the event is the outgoing event MAC: the combination of destination and source MAC address SRC: packet source IPDST: packet destination IPLEN: packet length TTL: packet TTL, or time to live. Before finding the destination, it will jump between routers until it expires. PROTO: the protocol of the packet SPT: the source port of the packet DPT: the destination port of the packet WINDOW: the size of the packet that the sender can receive SYN URGP: indicates whether a three-way handshake is required. 0 means no need.
= =
Here are three ways to check the snooping of operating system ports
Netstat-an | grep LISTEN | grep-v ^ unix "
Netstat-ntulp
Lsof-I-n-P
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
