Ubuntu default firewall installation, enabling, configuration, port, view status information

Comments: Ubuntu11.04 the default is UFW (ufw is short for uncomplicated firewall, which is not complex firewall. You still need to go to iptables for complicated settings). Interface operations are supported. Run the ufw command on the command line to see a series of operations that can be performed.

The simplest operation:

Sudo ufw status (if you are root, remove sudo and ufw status) to check the firewall status. The returned result is: inactive (not active by default ).

Sudo ufw version firewall version:

Ufw 0.29-4ubuntu1

Copyright 2008-2009 Canonical Ltd.

Ufw is installed in ubuntu by default.

1. Install

Sudo apt-get install ufw

2. Enable

Sudo ufw enable

Sudo ufw default deny

After running the preceding two commands, the firewall is enabled and automatically enabled when the system starts. Disable all external access to the local machine, but the local access to the external is normal.

3. enable/disable

Sudo ufw allow | deny [service]

Open or close a port, for example:

Sudo ufw allow smtp allows all external IP addresses to access the local port 25/tcp (smtp ).

Sudo ufw allow 22/tcp allows all external IP addresses to access the local port 22/tcp (ssh)

This is very important. We recommend that you enable ssh remote logon for SecureCRT and other software. Or do not open a firewall.

Sudo ufw allow 53 allows external access to port 53 (tcp/udp)

Sudo ufw allow from 192.168.1.100 allows this IP address to access all local ports

Sudo ufw allow proto udp 192.168.0.1 port 53 to 192.168.0.2 port 53

Sudo ufw deny smtp prohibit external access to the smtp service

Sudo ufw delete allow smtp delete a rule created above

4. view the Firewall Status

Sudo ufw status

For general users, only the following settings are required:

Sudo apt-get install ufw

Sudo ufw enable

Sudo ufw default deny

The preceding three commands are safe enough. If you need to open some services, use sudo ufw allow.

Enable/disable firewall ('disable' is set by default ')

Sudo ufw enable | disable

Change log status

Sudo ufw logging on | off

Set the Default policy (for example, "mostly open" vs "mostly closed ")

Sudo ufw default allow | deny

Allow or shield the port (you can view the service list in "status ). You can use "Protocol: Port" to specify a service name that exists in/etc/services, or use the meta-data package. The 'allow' parameter adds the entries to/etc/ufw/maps, while the 'deny' parameter is the opposite. The basic syntax is as follows:

Sudo ufw allow | deny [service]

Display the listening status of the firewall and port. For more information, see/var/lib/ufw/maps. The numbers in the brackets are not displayed.

Sudo ufw status

UFW usage example:

Allow port 53

$ Sudo ufw allow 53

Disable port 53

$ Sudo ufw delete allow 53

Allow port 80

$ Sudo ufw allow 80/tcp

Disable port 80

$ Sudo ufw delete allow 80/tcp

Allow smtp Port

$ Sudo ufw allow smtp

Delete the smtp port license

$ Sudo ufw delete allow smtp

Allow a specific IP Address

$ Sudo ufw allow from 192.168.254.254

Delete the preceding rule

$ Sudo ufw delete allow from 192.168.254.254

Linux 2.4 kernel later provides a very good firewall tool: netfilter/iptables, which is free and powerful and can be used to refine the inbound and outbound information, it can implement functions such as firewall, NAT (Network Address Translation), and packet segmentation. Netfilter works inside the kernel, while iptables allows you to define the table structure of the rule set.

However, iptables rules are a little "complicated", so Ubuntu provides the UFW setting tool to simplify some iptables settings, and its background is still iptables. UFW is short for uncomplicated firewall. For some complicated settings, you still need to go to iptables.

UFW-related files and folders include:

/Etc/UFW/: contains some UFW environment configuration files, such as before. Rules, after. Rules, sysctl. conf, UFW. conf, before6.rule of for ip6, and after6.rules. These files are generally OK according to the default settings.

If UFW is enabled,/etc/UFW/sysctl. conf will overwrite the default/etc/sysctl. CONF file, if your original/etc/sysctl. conf has been modified. After UFW is started, If/etc/UFW/sysctl. if there is a new value in Conf, it overwrites/etc/sysctl. conf, otherwise/etc/sysctl. conf. Of course, you can modify the "ipt_sysctl =" entry in/etc/default/UFW to set which sysctrl. conf to use.

/Var/lib/UFW/user. the rules file contains some of the firewall rules we have set. You can see the rules when you open the file. Sometimes you can directly modify the file without using commands. After modification, remember that UFW reload is restarted to make the new rule take effect.

Below are some examples of UFW command line:

UFW enable/disable: enable/disable UFW

UFW status: view the defined UFW rules

UFW default allow/Deny: Allow/deny external access by default

UFW allow/deny 20: Allow/deny access to port 20. After Port 20, it can be followed by/tcp or/udp, indicating TCP or UDP packets.

Ufw allow/deny servicename: ufw finds the port of the corresponding service from/etc/services and filters out the port.

Ufw allow proto tcp from 10.0.1.0/10 to local ip port 25: allow tcp packets from 10.0.1.0/10 to access port 25 of the local machine.

Ufw delete allow/deny 20: delete the previously defined rule "allow/deny access to port 20"