Ubuntu Firewall
View Status
    sudo ufw status verbose
Default
    sudo ufw default allow outgoing
    sudo ufw default deny incoming
Enable IPv6
    # In /etc/default/ufw
    ...
    ...
    IPV6=yes
    ...
    ...
Add Rules
Service Port
    sudo ufw allow ssh
    sudo ufw deny ssh
Protocol
    sudo ufw allow 2323/tcp
    sudo ufw allow 1122/udp
    sudo ufw allow out 3000/tcp
    sudo ufw allow 6783:6784/tcp comment 'CNI'
Advanced Rules
From
    sudo ufw allow from 192.51.100.10
    sudo ufw allow from 192.51.100.0/24
From To
    sudo ufw allow from 198.51.100.10 to any port 22 proto tcp
    sudo ufw allow from 198.51.100.10 to 192.156.39.22 port 22 proto tcp
Delete
    sudo ufw delete allow 10250

    sudo ufw status numbered
    Status: active
         To                         Action      From
         --                         ------      ----
    [ 1] 22/tcp                     ALLOW IN    Anywhere
    [ 2] 2379:2380/tcp              ALLOW IN    Anywhere
    [ 3] 6443/tcp                   ALLOW IN    Anywhere
    [ 4] 10250/tcp                  ALLOW IN    Anywhere
    [ 5] 10251/tcp                  ALLOW IN    Anywhere
    [ 6] 10252/tcp                  ALLOW IN    Anywhere
    [ 7] 8080/tcp                   ALLOW IN    Anywhere
    [ 8] 16440/tcp                  ALLOW IN    Anywhere
    [ 9] 1644/tcp                   ALLOW OUT   Anywhere (out)
    [10] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
    [11] 2379:2380/tcp (v6)         ALLOW IN    Anywhere (v6)
    [12] 6443/tcp (v6)              ALLOW IN    Anywhere (v6)
    [13] 10250/tcp (v6)             ALLOW IN    Anywhere (v6)
    [14] 10251/tcp (v6)             ALLOW IN    Anywhere (v6)
    [15] 10252/tcp (v6)             ALLOW IN    Anywhere (v6)
    [16] 8080/tcp (v6)              ALLOW IN    Anywhere (v6)
    [17] 16440/tcp (v6)             ALLOW IN    Anywhere (v6)
    [18] 1644/tcp (v6)              ALLOW OUT   Anywhere (v6) (out)
    # Use the rule number shown in the numbered list above
    sudo ufw delete 4
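Added example, not from the original page: in the listing above the IPv4 and IPv6 entries for one port are separate numbered rules (4 and 13 for 10250/tcp), and ufw renumbers the remaining rules after every delete. The hypothetical helper `rule_numbers` below collects every number for a port, highest first, so each delete leaves the remaining numbers valid; `sample_status` is constructed input trimmed from the listing above.

```shell
# Constructed sample of `sudo ufw status numbered` output (subset of the listing above).
sample_status() {
cat <<'EOF'
Status: active
     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 4] 10250/tcp                  ALLOW IN    Anywhere
[ 5] 10251/tcp                  ALLOW IN    Anywhere
[ 9] 1644/tcp                   ALLOW OUT   Anywhere (out)
[10] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[13] 10250/tcp (v6)             ALLOW IN    Anywhere (v6)
EOF
}

# rule_numbers TARGET
# Reads numbered status output on stdin and prints, on one line, the numbers of
# all rules whose "To" column is TARGET (for example 10250/tcp), highest first.
# The "(v6)" suffix is a separate field, so IPv4 and IPv6 rules both match.
rule_numbers() {
    awk -v target="$1" '
        /^\[ *[0-9]+\]/ {
            sub(/^\[ */, "")      # drop the opening bracket and padding
            sub(/\]/, " ")        # drop the closing bracket
            if ($2 == target) print $1
        }' |
        sort -rn |                # descending: deleting 13 does not move rule 4
        tr '\n' ' ' |
        sed 's/ $//'
}

# On a host with ufw, review the numbers first, then delete from the top down:
#   for n in $(sudo ufw status numbered | rule_numbers 10250/tcp); do
#       sudo ufw delete "$n"
#   done
```

Deleting in ascending order instead would remove rule 4 and then hit whatever rule had moved into position 13.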
Status
    sudo ufw status
    sudo ufw status verbose
    sudo ufw status numbered
Limit
Turn on
Turn off
System Status
    sudo systemctl status ufw