2016-01-01 15:31:10 +00:00
|
|
|
# ufw
|
|
|
|
|
|
|
|
|
|
> Uncomplicated Firewall.
|
|
|
|
|
> Frontend for iptables aiming to make configuration of a firewall easier.
|
|
|
|
|
|
|
|
|
|
- Enable ufw:
|
|
|
|
|
|
|
|
|
|
`ufw enable`
|
|
|
|
|
|
|
|
|
|
- Disable ufw:
|
|
|
|
|
|
|
|
|
|
`ufw disable`
|
|
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
- Show ufw rules, along with their numbers:
|
2016-05-17 12:31:03 +01:00
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
`ufw status numbered`
|
2016-05-17 12:31:03 +01:00
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
- Allow incoming traffic on port 5432 on this host:
|
2016-01-01 15:31:10 +00:00
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
`ufw allow {{5432}}`
|
2016-01-01 15:31:10 +00:00
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
- Allow only TCP traffic from 192.168.0.4 to any address on this host, on port 22:
|
2016-01-01 15:31:10 +00:00
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
`ufw allow from {{192.168.0.4}} to {{any}} port {{22}} proto {{tcp}}`
|
2016-01-01 15:31:10 +00:00
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
- Deny traffic on port 80 on this host:
|
2016-01-01 15:31:10 +00:00
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
`ufw deny {{80}}`
|
|
|
|
|
|
|
|
|
|
- Deny all UDP traffic to port 22:
|
|
|
|
|
|
|
|
|
|
`ufw deny from {{any}} to {{any}} port {{22}} proto {{udp}}`
|
|
|
|
|
|
|
|
|
|
- Remove a particular rule. The rule number can be retrieved from the `ufw status numbered` command:
|
|
|
|
|
|
|
|
|
|
`ufw delete {{rule_number}}`
|
