Since the 2.4 version of the Linux kernel, a very good firewall tool has been provided. This tool can divide, filter, forward, and so on the network data of the Access service, and then realize the functions such as firewall, Nat and so on.
In general, we will use the famous iptables and other programs to manage the firewall rules. Iptables can define firewall rules flexibly and are very powerful. But the resulting side effect is that the configuration is too complex. has always been known for its ease of use Ubuntu in its release, comes with a relatively iptables simple firewall configuration tool: UFW.
UFW is not enabled by default. In other words, the ports in Ubuntu are open by default. Start UFW with the following command:
$sudo UFW Default Deny
$sudo UFW Enable
With the first command, we set the default rule to allow, so that all ports are turned off by default unless an open port is indicated. The second command launches the UFW. The UFW will also start automatically the next time you restart the machine.
For most firewall operations, it is nothing more than opening a closed port. If you want to open port 22 on the SSH server, we can do this:
$sudo UFW allow 22
Because in/etc/services, the service name for Port 22 is SSH. So the following commands are the same:
$sudo UFW allow SSH
You can now view the status of the firewall with the following command:
$sudo UFW Status
Firewall Loaded
To Action from
– —— —-
22:tcp Allow Anywhere
22:UDP Allow Anywhere
We can see that the TCP and UDP protocols for Port 22 are turned on.
To delete a rule that has already been added:
$sudo UFW Delete Allow 22
Open only port 22 using the TCP/IP protocol:
$sudo UFW Allow 22/tcp
Open port 80 for TCP requests from 192.168.0.1:
$sudo UFW allow proto TCP from 192.168.0.1 to any port 22
To relational firewalls:
$sudu UFW Disable
UFW firewall configuration under Ubuntu
2009-06-26 23:47
UFW Firewall is a host-side Iptables class firewall Configuration tool. The purpose of this tool is to provide users with an easy-to-navigate interface, just like package integration and dynamic detection of open ports.
Install UFW in Ubuntu:
The package currently exists in the Ubuntu 8.04 Library.
sudo apt-get install UFW
This line of command will install the software on your system.
Turn firewall on/off (the default setting is ' Disable ')
# UFW Enable|disable
Convert log status
# UFW Logging On|off
Set default policy (e.g. "mostly open" vs "mostly closed")
# UFW Default Allow|deny
License or block certain incoming packets (you can view the list of services in "status" [see below]). You can specify a service name that exists in/etc/services in the "Protocol: port" mode, or through the meta-data of the package. The ' Allow ' parameter will add the entry to/etc/ufw/maps, while ' deny ' is the opposite. The basic syntax is as follows:
# UFW Allow|deny [service]
Displays the listening state of the firewall and port, see/var/lib/ufw/maps. The numbers in parentheses will not be displayed.
# UFW Status
[Note: Although sudo is not used above, the command prompt symbol is ' # '. So...... You know what that means, huh? This is the original. --The translator's note]
UFW Use Example:
Allow Port 53
$ sudo ufw allow 53
Disable Port 53
$ sudo ufw delete Allow 53
Allow Port 80
$ sudo ufw allow 80/tcp
Disable Port 80
$ sudo ufw delete Allow 80/tcp
Allow SMTP ports
$ sudo ufw allow SMTP
Remove licensing for SMTP ports
$ sudo ufw delete allow SMTP
Allow a specific IP
$ sudo ufw allow from 192.168.254.254
Delete the above rule
$ sudo ufw delete allow from 192.168.254.254
——————————————
I still use 7.10, so the process of translation of the above steps have not been tested.
Ubuntu's name is very mouth, has been unable to remember:
* Ubuntu 6.06 LTS (Dapper Drake)
* Ubuntu 6.10 (Edgy Eft)
* Ubuntu 7.04 (feisty fawn)
* Ubuntu 7.10 (gutsy Gibbon)
* Ubuntu 8.04 (Hardy Heron)
Ubuntu Firewall
2010-01-14 11:02
UFW is a simple firewall configuration tool under Ubuntu, the bottom or call iptables to deal with, although the function is relatively simple, but for desktop-type application is more practical, basic common functions have, use is easier.
= = Bobber (admin.net#163.com) Original, reproduced please specify = =
==http://www.eit.name==
1. Installation
sudo apt-get install UFW
2. Enable
sudo UFW enable
sudo ufw default deny
After running the above two commands, the firewall is turned on and turned on automatically when the system starts.
All external access to the native is turned off, but the native access is normal externally.
3. Turn ON/off
sudo ufw allow|deny [service]
Open or close a port, for example:
sudo UFW allow SMTP allows all external IPs to access native 25/TCP (SMTP) ports
sudo ufw allow 22/tcp allows all external IP access to the native 22/tcp (SSH) port
sudo UFW allow 53 allows external access to 53 ports (TCP/UDP)
sudo ufw allow from 192.168.1.100 allows this IP access to all native ports
sudo ufw allow proto UDP 192.168.0.1 port 192.168.0.2 port 53
sudo UFW deny SMTP prevents external access to the SMTP service
sudo ufw delete allow SMTP to delete a rule established above
4. View firewall status
sudo UFW status
For general users, only the following settings are required:
sudo apt-get install UFW
sudo UFW enable
sudo default deny
The above three commands are safe enough, if you need to open some services, then use sudo ufw allow to open.
Ubuntu Firewall UFW Setup Introduction
2010-03-03 16:27
1. Installation
sudo apt-get install UFW
2. Enable
sudo UFW enable
sudo ufw default deny
After running the above two commands, the firewall is turned on and turned on automatically when the system starts. All external access to the native is turned off, but the native access is normal externally.
3. Turn ON/off
sudo ufw allow|deny [service]
Open or close a port, for example:
sudo UFW allow SMTP allows all external IPs to access native 25/TCP (SMTP) ports
sudo ufw allow 22/tcp allows all external IP access to the native 22/tcp (SSH) port
sudo UFW allow 53 allows external access to 53 ports (TCP/UDP)
sudo ufw allow from 192.168.1.100 allows this IP access to all native ports
sudo ufw allow proto UDP 192.168.0.1 port 192.168.0.2 port 53
sudo UFW deny SMTP prevents external access to the SMTP service
sudo ufw delete allow SMTP to delete a rule established above
4. View firewall status
sudo UFW status
For general users, only the following settings are required:
sudo apt-get install UFW
sudo UFW enable
sudo ufw default deny
The above three commands are safe enough, if you need to open some services, then use sudo ufw allow to open.
Turn firewall on/off (the default setting is ' Disable ')
sudo ufw enable|disable
Convert log status
sudo ufw logging On|off
Set default policy (e.g. "mostly open" vs "mostly closed")
sudo ufw default Allow|deny
Licensed or shielded port (you can view the list of services in "status"). You can specify a service name that exists in/etc/services in the "Protocol: port" mode, or through the meta-data of the package. The ' Allow ' parameter will add the entry to/etc/ufw/maps, while ' deny ' is the opposite. The basic syntax is as follows:
sudo ufw allow|deny [service]
Displays the listening state of the firewall and port, see/var/lib/ufw/maps. The numbers in parentheses will not be displayed.
sudo UFW status
UFW Use Example:
Allow Port 53
$ sudo ufw allow 53
Disable Port 53
$ sudo ufw delete Allow 53
Allow Port 80
$ sudo ufw allow 80/tcp
Disable Port 80
$ sudo ufw delete Allow 80/tcp
Allow SMTP ports
$ sudo ufw allow SMTP
Remove licensing for SMTP ports
$ sudo ufw delete allow SMTP
Allow a specific IP
$ sudo ufw allow from 192.168.254.254
Delete the above rule
$ sudo ufw delete allow from 192.168.254.254
Ubuntu firewall configuration-ufw-iptables