
Ubuntu firewall (ufw): installation, enabling, configuration, ports and viewing status information

2025-03-30 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

This article covers the Ubuntu firewall (ufw): how to install it, enable it, configure it, open and close ports, and view its status.

1. Installation

sudo apt-get install ufw

2. Enable

sudo ufw enable

sudo ufw default deny

After running the above two commands, the firewall is on and starts automatically at boot. All access from outside to the local machine is blocked, while access from the local machine to the outside works normally.

3. Enable / disable

sudo ufw allow|deny [service]

Open or close a port, for example:

sudo ufw allow smtp: allows all external IPs to access the local 25/tcp (smtp) port

sudo ufw allow 22/tcp: allows all external IPs to access the local 22/tcp (ssh) port

This is very important: if you log in remotely over ssh (with SecureCRT or similar software), it is recommended to open this port. Otherwise, do not enable the firewall.

sudo ufw allow 53: allows external access to port 53 (tcp/udp)

sudo ufw allow from 192.168.1.100: allows this IP to access all local ports

sudo ufw allow proto udp from 192.168.0.1 port 53 to 192.168.0.2 port 53

sudo ufw deny smtp: prohibits external access to the smtp service

sudo ufw delete allow smtp: deletes one of the rules established above

4. View firewall status

sudo ufw status
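Added example (not from the original article): a POSIX shell function that audits the text printed by `sudo ufw status verbose` against the points in steps 2 to 4: firewall active, incoming traffic denied by default, an ssh rule present, and rules that open more than a single port and protocol. The status text is a constructed sample, and the names audit_ufw and sample_status are illustrative.

```shell
#!/bin/sh
# Added example: audit the text printed by `sudo ufw status verbose`.
# On a real host:  sudo ufw status verbose | audit_ufw 22/tcp
# $1 is the rule that must exist for remote administration (default 22/tcp).
audit_ufw() {
    awk -F'  +' -v ssh="${1:-22/tcp}" '
        function finding(msg) { print msg; n++ }
        BEGIN { port = ssh; sub(/\/.*/, "", port) }   # "22/tcp" -> "22"
        { sub(/[ \t]+$/, "") }                        # strip column padding
        /^Status:/  { active  = ($0 ~ /^Status: active/) }
        /^Default:/ { deny_in = ($0 ~ /(deny|reject) \(incoming\)/) }
        $2 ~ /^ALLOW/ {                               # rule rows: To, Action, From
            if ($1 == ssh || $1 == port) ssh_ok = 1
            if ($1 ~ /^Anywhere/)
                finding("WARN every port is reachable from " $3)
            else if ($1 ~ /^[0-9:,]+( |$)/)
                finding("NOTE " $1 " has no protocol, so tcp and udp are both open")
        }
        END {
            if (!active)  finding("FAIL firewall is not active")
            if (!deny_in) finding("FAIL default incoming policy is not deny")
            if (!ssh_ok)  finding("WARN no allow rule for " ssh ", remote ssh is cut off")
            exit (n > 0)                              # non-zero when anything was found
        }'
}

# Constructed sample: status after "allow smtp", "allow 53" and
# "allow from 192.168.1.100", with no ssh rule added.
sample_status() {
    cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
25/tcp                     ALLOW IN    Anywhere
53                         ALLOW IN    Anywhere
Anywhere                   ALLOW IN    192.168.1.100
EOF
}

sample_status | audit_ufw 22/tcp || echo "review the findings above"
```

The function needs the verbose form of the status command, because the plain `ufw status` output has no "Default:" line.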

Ordinary users only need the following settings:

sudo apt-get install ufw

sudo ufw enable

sudo ufw default deny

The above three commands are secure enough. If you need to open some services, use sudo ufw allow to open them.

Turn the firewall on / off (the default is 'disable')

sudo ufw enable|disable

Toggle the logging state

sudo ufw logging on|off

Set the default policy (such as "mostly open" vs "mostly closed")

sudo ufw default allow|deny

Allow or block ports (the list of services is shown in "status"). You can specify a service name that exists in /etc/services in the form "protocol:port", or through the package's meta-data. The 'allow' parameter adds the entry to /etc/ufw/maps, while the 'deny' parameter does the opposite. The basic syntax is as follows:

sudo ufw allow|deny [service]

Displays the status of the firewall and of listening ports; see /var/lib/ufw/maps. The numbers in parentheses will not be displayed.

sudo ufw status

Examples of UFW usage:

Allow port 53

$ sudo ufw allow 53

Disable port 53

$ sudo ufw delete allow 53

Allow port 80

$ sudo ufw allow 80/tcp

Disable port 80

$ sudo ufw delete allow 80/tcp

Allow smtp port

$ sudo ufw allow smtp

Delete the allow rule for the smtp port

$ sudo ufw delete allow smtp

Allow a specific IP

$ sudo ufw allow from 192.168.254.254

Delete the above rule

$ sudo ufw delete allow from 192.168.254.254

Since the 2.4 kernel, Linux has provided an excellent firewall tool: netfilter/iptables. It is free and powerful, gives fine-grained control over inbound and outbound traffic, and can implement a firewall, NAT (network address translation), packet segmentation and other functions. Netfilter works inside the kernel, while iptables is a table structure that allows users to define rule sets.

But the rules of iptables are a little "complicated", so Ubuntu provides ufw as a setup tool that simplifies some of the iptables settings; behind the scenes it is still iptables. ufw is the abbreviation of uncomplicated firewall, and some complicated settings still have to be made in iptables.

ufw-related files and folders are:

/etc/ufw/: contains some ufw environment settings files, such as before.rules, after.rules, sysctl.conf, ufw.conf, and for IPv6 before6.rules and after6.rules. The default settings in these files are generally fine.

If ufw is enabled, /etc/ufw/sysctl.conf overrides the default /etc/sysctl.conf: if you have modified your original /etc/sysctl.conf, then after ufw starts, any value that is also assigned in /etc/ufw/sysctl.conf overrides the one in /etc/sysctl.conf; otherwise /etc/sysctl.conf prevails. You can choose which sysctl.conf to use by modifying the "IPT_SYSCTL=" entry in /etc/default/ufw.

/var/lib/ufw/user.rules: this file holds the firewall rules we have set; open it to see them. Sometimes we can modify this file directly instead of setting rules with commands. After modifying it, remember to run ufw reload, which restarts ufw so that the new rules take effect.

Here are some examples of the ufw command line:

ufw enable/disable: turns ufw on / off

ufw status: view defined ufw rules

ufw default allow/deny: access from outside is allowed / denied by default

ufw allow/deny 20: allow / deny access to port 20; the port can be followed by /tcp or /udp to indicate tcp or udp packets.

ufw allow/deny servicename: ufw finds the port of the corresponding service from /etc/services and filters it.

ufw allow proto tcp from 10.0.1.0/10 to <local IP> port 25: allows tcp packets from 10.0.1.0/10 to access port 25 of the local machine.

ufw delete allow/deny 20: remove the previously defined "allow / deny access to port 20" rule
