Since version 2.4, the Linux kernel has provided a very capable firewall facility. It can classify, filter, and forward the network traffic of the services on a host, and so implement functions such as firewalling and NAT.
In general, firewall rules are managed with programs such as the well-known iptables. iptables can define firewall rules flexibly and is very powerful, but the side effect is that its configuration is overly complex. Ubuntu, which has always been known for its ease of use, ships with a firewall configuration tool that is simpler than iptables: UFW.
UFW is not enabled by default. In other words, the ports in Ubuntu are open by default. Start UFW with the following commands:
$ sudo ufw default deny
$ sudo ufw enable
The first command sets the default rule to deny, so that all ports are closed by default unless explicitly opened. The second command starts UFW, and UFW will also start automatically the next time the machine is restarted.
Most firewall work amounts to nothing more than opening a closed port. To open port 22 for the SSH server, we can do this:
$ sudo ufw allow 22
Because the service name for port 22 in /etc/services is ssh, the following command does the same thing:
$ sudo ufw allow ssh
You can now view the status of the firewall with the following command:
$ sudo ufw status
Firewall loaded

To       Action  From
--       ------  ----
22:tcp   ALLOW   Anywhere
22:udp   ALLOW   Anywhere
We can see that both the TCP and UDP protocols are open on port 22.
To delete a rule that has already been added:
$ sudo ufw delete allow 22
Open port 22 for the TCP protocol only:
$ sudo ufw allow 22/tcp
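The difference between "allow 22", "allow ssh" and "allow 22/tcp" described above can be checked before a rule is applied. The script below is an added example, not part of the original article or of UFW itself: the function names (is_port, expand_rule, opens_udp) are hypothetical, the service table is a constructed sample in the layout of /etc/services, and the expansion models only the behaviour this page describes.

```shell
#!/bin/sh
# Constructed sample in the layout of /etc/services (name, port/proto);
# the real file is not read.
SERVICES='ssh 22/tcp
ssh 22/udp
smtp 25/tcp
domain 53/tcp
domain 53/udp'

# is_port N: succeed only for a decimal number in 1..65535.
is_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# expand_rule SPEC: print one "port/proto" line for each port that
# "ufw allow SPEC" opens, per the behaviour described in the text above.
expand_rule() {
    spec=$1
    case $spec in
        */tcp|*/udp)                  # explicit protocol: one entry only
            is_port "${spec%/*}" || return 1
            echo "$spec" ;;
        *[!0-9]*)                     # service name: look it up in the table
            found=$(printf '%s\n' "$SERVICES" |
                    awk -v n="$spec" '$1 == n { print $2 }')
            [ -n "$found" ] || return 1
            echo "$found" ;;
        *)                            # bare port number: TCP and UDP
            is_port "$spec" || return 1
            printf '%s/tcp\n%s/udp\n' "$spec" "$spec" ;;
    esac
}

# opens_udp SPEC: succeed if the rule would expose a UDP port.
opens_udp() {
    expand_rule "$1" | grep -q '/udp$'
}

# Review a proposed rule list before applying it.
for s in 22 ssh 22/tcp smtp; do
    note=""
    opens_udp "$s" && note=" (also opens UDP)"
    printf '%-7s -> %s%s\n' "$s" "$(expand_rule "$s" | tr '\n' ' ')" "$note"
done
```

Rules flagged "also opens UDP" are candidates for the explicit port/tcp form when the service only listens on TCP.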
Open port 80 for TCP requests from 192.168.0.1:
$ sudo ufw allow proto tcp from 192.168.0.1 to any port 80
To turn off the firewall:
$ sudo ufw disable
UFW is a host-based, iptables-style firewall configuration tool. Its purpose is to give users an easy-to-use interface, along with features such as package integration and dynamic detection of open ports.
Install UFW in Ubuntu:
The package is currently available in the Ubuntu 8.04 repositories.
$ sudo apt-get install ufw
This command installs the software on your system.
Turn the firewall on or off (the default setting is 'disable'):
# ufw enable|disable
Toggle logging:
# ufw logging on|off
Set the default policy (e.g. "mostly open" vs "mostly closed"):
# ufw default allow|deny
Allow or block certain incoming packets (you can view the list of services in "status" [see below]). You can specify a service by a name that exists in /etc/services, in "protocol:port" form, or through the package metadata. The 'allow' parameter adds the entry to /etc/ufw/maps, while 'deny' does the opposite. The basic syntax is as follows:
# ufw allow|deny [service]
Display the status of the firewall and of the listening ports; see /var/lib/ufw/maps. The numbers in parentheses are not displayed.
# ufw status
[Note: Although sudo is not used above, the command prompt symbol is '#'. So... you know what that means, right? This is how the original has it. --Translator's note]
UFW usage examples:
Allow port 53
$ sudo ufw allow 53
Disable port 53
$ sudo ufw delete allow 53
Allow port 80
$ sudo ufw allow 80/tcp
Disable port 80
$ sudo ufw delete allow 80/tcp
Allow the SMTP port
$ sudo ufw allow smtp
Remove the allow rule for the SMTP port
$ sudo ufw delete allow smtp
Allow a specific IP
$ sudo ufw allow from 192.168.254.254
Delete the above rule
$ sudo ufw delete allow from 192.168.254.254