sudo ufw enable|disable

Because Linux's original firewall tool, iptables, is too cumbersome, Ubuntu provides ufw, a firewall tool based on iptables, by default.

The default in Ubuntu 9.10 is the UFW firewall, which already supports interface operations. Run the ufw command on the command line to see the series of actions that can be performed.

The simplest operation: sudo ufw status checks the status of the firewall. My result is: inactive

sudo ufw version shows the firewall version:

Ubuntu has ufw installed by default.

  1. Installation

sudo apt-get install ufw

  2. Enable

sudo ufw enable

sudo ufw default deny

After running the two commands above, the firewall is turned on and starts automatically when the system boots. All access from outside to this machine is blocked, while access from this machine to the outside works normally.

  3. Enable/Disable

sudo ufw allow|deny [service]

Open or close a port, for example:

Permit or block the port (you can view the service list in "status"). You can specify a service name that exists in /etc/services in the form of "protocol: port", or you can use the metadata of the package. The 'allow' parameter will add entries to /etc/ufw/maps, while 'deny' will do the opposite. The basic syntax is as follows:

Since the Linux 2.4 kernel, a very good firewall tool has been provided: netfilter/iptables, which is free and powerful and gives fine-grained control over incoming and outgoing traffic. It can implement a firewall, NAT (network address translation), packet splitting and other functions. Netfilter works inside the kernel, while iptables is a table structure that allows users to define rule sets.

But iptables rules are somewhat complex, so Ubuntu provides ufw as a configuration tool that simplifies some iptables settings. The backend is still iptables. ufw stands for "uncomplicated firewall"; some complicated settings still have to be made in iptables directly.
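
To check the result of the steps above (ufw enabled, incoming traffic denied by default, services opened with allow), the following added example, which is not part of the original page, audits the output of sudo ufw status verbose. The function name ufw_audit and the sample outputs are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original page): audit `ufw status verbose` output.
# Live use: sudo ufw status verbose | ufw_audit

# Reads status text on stdin, prints one finding per line,
# returns 0 when the baseline holds and 1 otherwise.
ufw_audit() {
    awk '
        /^Status:/  { status = $2 }
        /^Default:/ { incoming = $2 }   # "Default: deny (incoming), allow (outgoing)"
        # Rule rows whose source is Anywhere are reachable from any host.
        /ALLOW( IN)? +Anywhere/ {
            to = $0; sub(/ +ALLOW.*/, "", to); open[++n] = to
        }
        END {
            if (status != "active") {
                print "FAIL firewall is " (status == "" ? "unknown" : status); exit 1
            }
            if (incoming != "deny" && incoming != "reject") {
                print "FAIL default incoming policy is " incoming; bad = 1
            }
            for (i = 1; i <= n; i++) print "INFO open to anywhere: " open[i]
            exit bad + 0
        }'
}

# Constructed sample outputs (not captured from a real host).
sample_hardened() { cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    192.168.1.0/24
EOF
}
sample_inactive() { printf 'Status: inactive\n'; }
sample_permissive() { cat <<'EOF'
Status: active
Default: allow (incoming), allow (outgoing), disabled (routed)

To                         Action      From
22/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

sample_hardened | ufw_audit
```

The INFO lines are not failures; they list the rules worth reviewing because they accept connections from any source.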

Files and folders related to ufw are:




