Ubuntu iptables firewall and ufw

Copyright: sharing for learning purposes is welcome; please cite the source. https://blog.csdn.net/qq_23869697/article/details/90242695

iptables

When configuring a server to allow remote MySQL connections, some ports have to be opened, which means changing the firewall settings.
Most tutorials say to modify iptables. However, checking the firewall with the command
service iptables status
returns: iptables: unrecognized service.

The Linux version in use here is Ubuntu 16.04. In this newer release, iptables is no longer a service.

If you want to keep configuring iptables directly, follow the method described at http://www.cnblogs.com/general0878/p/5757377.html.
Here the UFW firewall is used instead.

UFW

Reference for installing and configuring the Ubuntu firewall: http://www.linuxidc.com/Linux/2016-12/138259.html
The procedure is as follows:

(1) Install the UFW firewall on Ubuntu

sudo apt-get install ufw

(2) Turn on the firewall:

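sudo ufw enable  # After running the two commands above, the firewall is enabled and starts automatically at system boot
# sudo ufw default deny # Blocks all external access to this machine; access from this machine to the outside still works normally.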

(3) Enable / disable ports

sudo ufw allow|deny [service]
Open or close a port, for example:

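sudo ufw allow smtp       # allow all external IPs to access port 25/tcp (smtp) on this machine
sudo ufw allow 22/tcp      # allow all external IPs to access port 22/tcp (ssh) on this machine
sudo ufw allow 53          # allow external access to port 53 (tcp/udp)
sudo ufw allow from 192.168.1.100 # allow this IP to access all ports on this machine
sudo ufw allow proto udp from 192.168.0.1 port 53 to 192.168.0.2 port 53 # allow UDP from 192.168.0.1 port 53 to 192.168.0.2 port 53
sudo ufw deny smtp         # block external access to the smtp service
sudo ufw delete allow smtp # delete the allow rule for smtp created above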

(4) Check firewall status

sudo ufw status

(5) Additional commands:

# Turn on / off the firewall (the default setting is 'disable')
ufw enable|disable

# Turn logging on / off
ufw logging on|off

# Set the default policy (such as "mostly open" vs "mostly closed")
ufw default allow|deny

# Allow or block certain inbound packets (the resulting rules can be viewed in the service list shown by "status" [see below])
# A service can be given as "protocol:port", as a service name that exists in /etc/services, or via package metadata. The 'allow' parameter adds the entry to /etc/ufw/maps, and 'deny' does the opposite. The basic syntax is as follows:
ufw allow|deny [service]

(6) UFW usage examples:

# Allow port 53
$ sudo ufw allow 53

# Disable port 53
$ sudo ufw delete allow 53

# Allow port 80
$ sudo ufw allow 80/tcp

# Disable port 80
$ sudo ufw delete allow 80/tcp

# Allow smtp port
$ sudo ufw allow smtp

# Remove the smtp allow rule
$ sudo ufw delete allow smtp

# Allow a specific IP
$ sudo ufw allow from 192.168.254.254

# Delete the rule above
$ sudo ufw delete allow from 192.168.254.254
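
An added example (not from the original post): it audits the output of `sudo ufw status` from step (4) for inbound ALLOW rules that are open to every source, which is the thing to check after opening a port for remote MySQL access. The sample output, the 3306 entries (MySQL's default port) and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `ufw status` text for ALLOW rules open to any source.
# SAMPLE_STATUS is constructed; on a real host pipe in: sudo ufw status

SAMPLE_STATUS='Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
3306/tcp                   ALLOW       192.168.1.100
25/tcp                     DENY        Anywhere
53                         ALLOW       Anywhere
3306/tcp (v6)              ALLOW       Anywhere (v6)'

# Read status text on stdin; print the "To" column of every inbound
# ALLOW rule whose "From" column is Anywhere (IPv4 or IPv6).
world_open_rules() {
    awk '
        /^--/ { rules = 1; next }          # rules follow the dashed header
        !rules || NF == 0 { next }
        {
            # Find the action column; "To" is left of it, "From" right.
            for (i = 1; i <= NF; i++) if ($i == "ALLOW") break
            if (i > NF) next               # DENY / REJECT / LIMIT rule
            j = i + 1
            if ($j == "OUT" || $j == "FWD") next   # not an inbound rule
            if ($j == "IN") j++
            if ($j != "Anywhere") next     # restricted to a source address
            to = $1
            for (k = 2; k < i; k++) to = to " " $k
            print to
        }'
}

# Usage: port_world_open PORT < status-text
# Succeeds when PORT (bare, /tcp or /udp, v4 or v6) is open to any source.
port_world_open() {
    world_open_rules | grep -Eq "^$1(/(tcp|udp))?( \(v6\))?\$"
}

printf '%s\n' "$SAMPLE_STATUS" | world_open_rules
if printf '%s\n' "$SAMPLE_STATUS" | port_world_open 3306; then
    echo "WARNING: 3306 is reachable from any source"
fi
```

In the constructed sample the IPv4 rule for 3306 is limited to one client, but the leftover IPv6 rule still exposes the port, so the check reports it.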
