UFW a host-side iptables firewall Configuration Tool

Source: Internet
Author: User
Keywords nbsp firewall configuration end Iptables port
Tags access aliyun applications apt configuration configuration tool course delete

UFW is a host-side iptables firewall Configuration tool, relatively easy to get started. General http://www.aliyun.com/zixun/aggregation/8284.html "> desktop application using UFW has been able to meet the requirements.

Installation method

sudo apt install UFW

Of course, this is a graphical interface (relatively simple), in the new GUFW search for a Try ...

How to use

1 Enable

sudo UFW enable

sudo ufw default deny

Function: The firewall is turned on and all external access to the computer is turned off as the system starts (the native access is external to normal).

2 off

sudo ufw disable

3 View firewall status

sudo UFW status

4 Open/Disable the corresponding port or service example

sudo UFW allow 80 allows external access to port 80

sudo ufw delete allow 80 prohibit external access to port 80

sudo ufw allow from 192.168.1.1 allows this IP access to all native ports

sudo UFW deny SMTP prohibits external access to the SMTP service

sudo ufw delete allow SMTP Delete a rule established above

UFW deny Proto TCP from 10.0.0.0/8 to 192.168.0.1 port to reject all traffic from TCP's 10.0.0.0/8 to port 22 's address 192.168.0.1

You can allow all RFC1918 networks (LAN/WLAN) to access this host (/8,/16,/12 is a network rating):
sudo ufw allow from 10.0.0.0/8
sudo ufw allow from 172.16.0.0/12
sudo ufw allow from 192.168.0.0/16

Recommended settings

sudo apt install UFW

sudo UFW enable

sudo ufw default deny

This setting is already secure and you can use sudo ufw allow to open the service if you have special needs.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.