Since version 2.4, the Linux kernel has provided a very good firewall tool. It gives fine-grained control over how network traffic is split, filtered and forwarded, which makes it possible to build firewalls, NAT and similar functions.
In general, we manage the rules of this firewall with programs such as the well-known iptables. iptables can define firewall rules flexibly and is very powerful, but the side effect is that its configuration is too complex. Ubuntu, always known for its simplicity and ease of use, ships a firewall configuration tool that is simpler than iptables in its releases: UFW.
UFW is not enabled by default. In other words, the ports in Ubuntu are open by default. Use the following commands to start UFW:
$ sudo ufw default deny
$ sudo ufw enable
With the first command, we set the default rule to deny, so that all ports are closed by default unless you explicitly open them. The second command starts UFW. UFW will also start automatically the next time the machine restarts.
Most firewall operations are nothing more than opening a closed port. If you want to open port 22 for the SSH server, we can do this:
$ sudo ufw allow 22
In /etc/services, the service name for port 22 is ssh, so the following command is equivalent:
$ sudo ufw allow ssh
You can now view the status of the firewall by using the following command:
$ sudo ufw status
Firewall loaded

To                         Action  From
--                         ------  ----
22:tcp                     ALLOW   Anywhere
22:udp                     ALLOW   Anywhere
We can see that the TCP and UDP protocols for Port 22 are open.
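The status output above shows that allowing port 22 by number opened UDP as well as TCP. As an added example (not part of the original article), the shell function below reads `ufw status` text in the format shown on this page and lists every entry allowed from Anywhere that is not on an expected list. The function name, the sample text and the expected list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: list `ufw status` entries that ALLOW traffic from Anywhere
# but are not on an expected list. Parses the status format shown on this page.

# Constructed sample (not captured from a real host); third rule is hypothetical.
SAMPLE='Firewall loaded

To                         Action  From
--                         ------  ----
22:tcp                     ALLOW   Anywhere
22:udp                     ALLOW   Anywhere
80:tcp                     ALLOW   192.168.0.1'

# unexpected_open EXPECTED...   (hypothetical helper name)
# stdin: `ufw status` text. stdout: one unexpected "To" entry per line.
# Exit status: 0 = nothing unexpected, 1 = unexpected entries printed,
#              2 = output does not contain "Firewall loaded".
unexpected_open() {
    awk -v expected="$*" '
        BEGIN {
            n = split(tolower(expected), e, " ")
            for (i = 1; i <= n; i++) ok[e[i]] = 1
        }
        /^Firewall loaded/ { loaded = 1; next }
        # Rule rows have three columns: To, Action, From.
        NF == 3 && $2 == "ALLOW" && $3 == "Anywhere" {
            if (!(tolower($1) in ok)) { print $1; bad = 1 }
        }
        END {
            if (!loaded) exit 2
            exit (bad ? 1 : 0)
        }
    '
}

# Demo: only SSH over TCP is expected, so the UDP rule is reported.
printf '%s\n' "$SAMPLE" | unexpected_open 22:tcp || echo "exit status: $?"
```

On a live host the same function can be fed from `sudo ufw status` instead of the sample variable.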
To delete a rule that has been added:
$ sudo ufw delete allow 22
Open port 22 for the TCP protocol only:
$ sudo ufw allow 22/tcp
Open port 80 for TCP requests from 192.168.0.1:
$ sudo ufw allow proto tcp from 192.168.0.1 to any port 80
To turn off the firewall:
$ sudo ufw disable
UFW is a host-based iptables firewall configuration tool. Its purpose is to give users an easy-to-use interface, along with package integration and dynamic detection of open ports.
Install UFW in Ubuntu:
The package currently exists in the repositories of Ubuntu 8.04.
$ sudo apt-get install ufw
This command installs the software on your system.
Toggle the firewall on/off (the default setting is 'disable')
# ufw enable|disable
Toggle logging
# ufw logging on|off
Set the default policy (for example, "mostly open" vs "mostly closed")
# ufw default allow|deny
Allow or block certain inbound packets (you can view the list of services in status [see below]). You can specify a service name that exists in /etc/services, use the protocol:port form, or pass the package's metadata. The 'allow' argument adds the entry to /etc/ufw/maps, while 'deny' does the opposite. The basic syntax is as follows:
# ufw allow|deny [service]
Show the status of the firewall and of listening ports; see /var/lib/ufw/maps. The numbers in parentheses are not displayed.
# ufw status
[Note: Although sudo is not used above, the command prompt symbol is '#'. So... you know what that means, huh? This is how it appears in the original. --Translator's note]
UFW Use Example:
Allow Port 53
$ sudo ufw allow 53
Disable Port 53
$ sudo ufw delete allow 53
Allow Port 80
$ sudo ufw allow 80/tcp
Disable Port 80
$ sudo ufw delete allow 80/tcp
Allow the SMTP port
$ sudo ufw allow smtp
Remove the allow rule for the SMTP port
$ sudo ufw delete allow smtp
Allow a specific IP
$ sudo ufw allow from 192.168.254.254
Delete the rule above
$ sudo ufw delete allow from 192.168.254.254