1, installation
sudo apt-get install UFW
2, enable
sudo ufw enablesudo UFW default deny after running the above two commands, the firewall is turned on and automatically turned on when the system starts. All external access to the native is turned off, but the native access is normal externally.
3, turn on/off
sudo ufw allow|deny [service] turns on or off a port, for example: sudo UFW allow SMTP allows all external IPs to access native 25/TCP (SMTP) ports sudo UFW allow 22/TCP allows all external IPs Access native 22/tcp (SSH) port sudo ufw allow 53 allows external access to 53 ports (TCP/UDP) sudo ufw allow from 192.168.1.100 allows this IP access to all native ports sudo ufw enable Pro To UDP 192.168.0.1 port 192.168.0.2 port 53sudo UFW deny SMTP disallow external access to the SMTP service sudo ufw delete allow SMTP Delete a rule established above
4, view
sudo UFW status
Description
For general users, simply set the following: sudo apt-get install ufwsudo UFW enablesudo UFW default deny above three commands are safe enough, if you need to open some services, then use sudo ufw allow to open.
Ubuntu Firewall settings