
Example of ufw firewall command

🕡 by admin

sudo ufw enable|disable

Because Linux's native firewall tool, iptables, is cumbersome to use, Ubuntu ships ufw, a firewall front end built on top of iptables, by default.

Ubuntu 9.10 uses ufw as its default firewall, and it already supports interface operations. Running the ufw command on the command line lists the series of actions that can be performed.

The simplest operation is sudo ufw status, which shows the state of the firewall; on my machine it returns: inactive

sudo ufw version prints the firewall version.

The ubuntu system has ufw installed by default.

1. Installation

sudo apt-get install ufw

2. Enable

sudo ufw enable

sudo ufw default deny

After running the above two commands the firewall is on, and it is started automatically at boot. All inbound access to the machine is closed, while the machine's own outbound access works normally.

3. Allow/Deny

sudo ufw allow|deny [service]

Open or close a port, for example:


sudo ufw allow smtp: allow all external IPs to access the machine's 25/tcp (smtp) port

sudo ufw allow 22/tcp: allow all external IPs to access the machine's 22/tcp (ssh) port

sudo ufw allow 53: allow external access to port 53 (tcp and udp)

sudo ufw allow from 192.168.1.100: allow this IP to access all local ports

sudo ufw allow proto udp from 192.168.0.1 port 53 to 192.168.0.2 port 53: allow udp packets from 192.168.0.1 port 53 to 192.168.0.2 port 53

sudo ufw deny smtp: prohibit external access to the smtp service

sudo ufw delete allow smtp: delete a rule established above

4. View firewall status

sudo ufw status

For general users, only the following settings are required:

sudo apt-get install ufw

sudo ufw enable

sudo ufw default deny

The above three commands are safe enough. If you need to open certain services, use sudo ufw allow to open them.
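The baseline above, written as a small script so the rule list can be reviewed before it is applied. This is an added example, not part of the original post: the rule list is constructed, and UFW_DRY_RUN is an assumed variable of this script, not a ufw option.

```shell
#!/bin/sh
# Added example (not from the original post): apply the "general user"
# baseline from a declarative rule list, validating each entry before any
# ufw command runs. UFW_DRY_RUN=1 prints the commands instead of running them.
# Constructed rule list: "port", "port/tcp", "port/udp" or a service name
# from /etc/services, separated by whitespace.
BASELINE_RULES="22/tcp 80/tcp 443/tcp smtp"

# Return 0 for a port 1-65535 (optionally /tcp or /udp) or a plain service
# name; return 1 otherwise, so malformed input never reaches "ufw allow".
ufw_rule_ok() {
    rule=$1
    case $rule in
        */tcp|*/udp) port=${rule%/*} ;;
        *[!0-9]*)            # not purely numeric: treat as a service name
            case $rule in
                *[!A-Za-z0-9_-]*) return 1 ;;
                *) return 0 ;;
            esac ;;
        *) port=$rule ;;
    esac
    case $port in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ]
}

# Run a ufw command, or print it when UFW_DRY_RUN=1.
ufw_run() {
    if [ "${UFW_DRY_RUN:-0}" = 1 ]; then
        echo "$*"
    else
        sudo "$@"
    fi
}

# Deny inbound by default, allow each validated rule, then enable. The allow
# rules come before "ufw enable" so a remote admin can still reconnect on 22/tcp.
apply_baseline() {
    for rule in $BASELINE_RULES; do
        ufw_rule_ok "$rule" || { echo "rejected rule: $rule" >&2; return 1; }
    done
    ufw_run ufw default deny
    for rule in $BASELINE_RULES; do
        ufw_run ufw allow "$rule"
    done
    ufw_run ufw enable
}
```

Run it once with UFW_DRY_RUN=1 to see the exact commands, then without it to apply them.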

Turn on/off the firewall (the default setting is ‘disable’)

sudo ufw enable|disable

Switch log status

sudo ufw logging on|off

Set the default policy (e.g. "mostly open" vs "mostly closed")

sudo ufw default allow|deny
Permit or block the port (you can view the service list in "status"). You can specify a service name that exists in /etc/services in the form of "protocol: port", or you can use the meta-data of the package. The ‘allow’ parameter will add entries to /etc/ufw/maps, while ‘deny’ will do the opposite. The basic syntax is as follows:
sudo ufw allow|deny [service]

To display the listening status of firewalls and ports, see /var/lib/ufw/maps. The numbers in brackets will not be displayed.

sudo ufw status

UFW usage example:

Allow port 53

$ sudo ufw allow 53

Disable port 53

$ sudo ufw delete allow 53

Allow port 80

$ sudo ufw allow 80/tcp

Disable port 80

$ sudo ufw delete allow 80/tcp

Allow smtp port

$ sudo ufw allow smtp

Remove the smtp allow rule

$ sudo ufw delete allow smtp

Allow a specific IP

$ sudo ufw allow from 192.168.254.254

Delete the above rule

$ sudo ufw delete allow from 192.168.254.254

Since the Linux 2.4 kernel, a very good firewall tool has been provided: netfilter/iptables, which is free and powerful and can finely control incoming and outgoing traffic. It can implement firewalling, NAT (network address translation), packet splitting and other functions. Netfilter works inside the kernel, while iptables is the table structure through which users define rule sets.

But iptables rules are a little "complex", so Ubuntu provides ufw as a configuration tool that simplifies some iptables settings; underneath it is still iptables. ufw is short for uncomplicated firewall, and some complicated settings still have to be done in iptables.

Files and folders related to ufw are:

/etc/ufw/: holds the ufw environment configuration files, such as before.rules, after.rules, sysctl.conf, ufw.conf, and for IPv6 before6.rules and after6.rules. These files are generally fine with their default settings.

If ufw is enabled, /etc/ufw/sysctl.conf overrides the default /etc/sysctl.conf. If you have modified /etc/sysctl.conf, then after ufw starts any setting that is also assigned in /etc/ufw/sysctl.conf overrides it; otherwise /etc/sysctl.conf prevails. Of course, you can choose which sysctl.conf is used by changing the "IPT_SYSCTL=" entry in /etc/default/ufw.

/var/lib/ufw/user.rules contains the firewall rules we have set; open it and you can see them. Sometimes we can edit this file directly instead of setting rules with commands. After editing, remember to restart ufw with ufw reload so the new rules take effect.

Here are some examples of the ufw command line:

ufw enable/disable: turn on/off ufw

ufw status: View the defined ufw rules

ufw default allow/deny: allow or deny external access by default

ufw allow/deny 20: allow or deny access to port 20; 20 can be followed by /tcp or /udp to restrict the rule to tcp or udp packets.

ufw allow/deny servicename: ufw looks up the corresponding port in /etc/services and filters on it.

ufw allow proto tcp from 10.0.1.0/10 to LOCAL_IP port 25: allow tcp packets from 10.0.1.0/10 to reach port 25 on this host (LOCAL_IP stands for the host's own IP address).

ufw delete allow/deny 20: delete the previously defined "allow/deny access to port 20" rule
