警告
本文最后更新于 2020-10-04,文中内容可能已过时。
下文引用自Wikipedia
UFW全称为Uncomplicated
Firewall[1],是Ubuntu系统上默认的防火墙组件,为了轻量化配置iptables而开发的一款工具。UFW提供一个非常友好的界面用于创建基于IPV4,IPV6的防火墙规则。
UFW的图形用户界面叫做“Gufw”。
1
|
sudo apt-get install gufw
|
1
2
3
4
5
6
7
8
9
10
11
12
|
sudo ufw deny 111
sudo ufw allow 80/tcp
sudo ufw allow http/tcp
# To allow connections from an IP address:
sudo ufw allow from 198.51.100.0
# To allow connections from a specific subnet:
sudo ufw allow from 198.51.100.0/24
# To allow a specific IP address/port combination:
sudo ufw allow from 198.51.100.0 to any port 22 proto tcp
|
1
2
3
4
5
6
7
8
|
# 查看简要状态
sudo ufw status
# 显示rule的号码
sudo ufw status numbered
# 显示详细信息
sudo ufw status verbose
|
1
|
sudo ufw delete RULE_NUM
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
cat /etc/ufw/applications.d/game
[privoxy]
title=privoxy
description=privoxy
ports=8118/tcp
[nginx]
title=nginx
description=nginx
ports=80/tcp
[supervisor]
title=supervisor
description=supervisor 9001
ports=9001/tcp
[samba_tcp]
title=samba
description=samba 139/tcp,445/tcp
ports=139,445/tcp
[samba_udp]
title=samba
description=samba 137/udp,138/udp
ports=137,138/udp
|
规则需要按照名字一个个应用
1
2
3
4
5
|
# 列出所有可应用的应用程序
sudo ufw app list
# 查看应用的详细信息
sudo ufw app info PROFILE
|
1
|
sudo ufw app update PROFILE
|
How to Configure a Firewall with UFW
Gufw
How To Set Up a Firewall with UFW on Ubuntu 18.04