UFW a host-side iptables firewall Configuration Tool

UFW is a host-side iptables firewall Configuration tool, relatively easy to get started. General http://www.aliyun.com/zixun/aggregation/8284.html "> desktop application using UFW has been able to meet the requirements.

Installation method

sudo apt install UFW

Of course, this is a graphical interface (relatively simple), in the new GUFW search for a Try ...

How to use

1 Enable

sudo UFW enable

sudo ufw default deny

Function: The firewall is turned on and all external access to the computer is turned off as the system starts (the native access is external to normal).

2 off

sudo ufw disable

3 View firewall status

sudo UFW status

4 Open/Disable the corresponding port or service example

sudo UFW allow 80 allows external access to port 80

sudo ufw delete allow 80 prohibit external access to port 80

sudo ufw allow from 192.168.1.1 allows this IP access to all native ports

sudo UFW deny SMTP prohibits external access to the SMTP service

sudo ufw delete allow SMTP Delete a rule established above

UFW deny Proto TCP from 10.0.0.0/8 to 192.168.0.1 port to reject all traffic from TCP's 10.0.0.0/8 to port 22 's address 192.168.0.1

You can allow all RFC1918 networks (LAN/WLAN) to access this host (/8,/16,/12 is a network rating):
sudo ufw allow from 10.0.0.0/8
sudo ufw allow from 172.16.0.0/12
sudo ufw allow from 192.168.0.0/16

Recommended settings

sudo apt install UFW

sudo UFW enable

sudo ufw default deny

This setting is already secure and you can use sudo ufw allow to open the service if you have special needs.