Enable UFW
sudo UFW enable
sudo ufw default deny
After running the above two commands, the firewall is turned on and turned on automatically when the system starts. All external access to the native is turned off, but the native access is normal externally.
Turn on and off
sudo ufw allow|deny [service]
Open or close a port, for example:
sudo UFW allow SMTP allows all external IPs to access native 25/TCP (SMTP) ports
sudo ufw allow 22/tcp allows all external IP access to the native 22/tcp (SSH) port
sudo UFW allow 53 allows external access to 53 ports (TCP/UDP)
sudo ufw allow from 192.168.1.100 allows this IP access to all native ports
sudo ufw allow proto UDP 192.168.0.1 port 192.168.0.2 port 53
sudo UFW deny SMTP prevents external access to the SMTP service
sudo ufw delete allow SMTP to delete a rule established above
Load the firewall after the modification
sudo ufw reload
View firewall status
sudo UFW status
Allow a specific IP
sudo ufw allow from xxx.xxx.xx.xxx
Remove licensing for SMTP ports
sudo ufw delete Allow SMTP
Turn on the Linux server firewall