ufw (Uncomplicated Firewall)
Usage
Examples
# Enable / disable
$ sudo ufw enable
$ sudo ufw disable

# Check status (verbose)
$ sudo ufw status verbose

# Show the base rules
$ sudo ufw show raw

# Default policy: deny / allow
$ sudo ufw default deny
$ sudo ufw default allow

# Allow
$ sudo ufw allow 22
$ sudo ufw allow 22 comment 'ssh'
$ sudo ufw allow 22/tcp
$ sudo ufw allow 22/udp
$ sudo ufw allow ssh
$ sudo ufw allow from 192.168.0.100
$ sudo ufw allow from 192.168.0.0/24
$ sudo ufw allow from 192.168.0.100 to any port 22
$ sudo ufw allow from 192.168.0.100 to any port 22 proto tcp

# Deny
$ sudo ufw deny 22
$ sudo ufw deny 22/tcp
$ sudo ufw deny 22/udp
$ sudo ufw deny ssh

# Delete
$ sudo ufw delete deny 22
$ sudo ufw delete deny 22/tcp
$ sudo ufw delete deny 22/udp
$ sudo ufw delete deny ssh

# View service names
$ less /etc/services

# Logging
$ sudo ufw logging on
$ sudo ufw logging off
ping (ICMP)
- /etc/ufw/before.rules
# ok icmp code
-A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT
-A ufw-before-input -p icmp --icmp-type source-quench -j ACCEPT
-A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT
-A ufw-before-input -p icmp --icmp-type parameter-problem -j ACCEPT
-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
Numbered
$ sudo ufw status numbered
$ sudo ufw delete 1
$ sudo ufw insert 1 allow from 192.168.0.100
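
Deleting by number removes a rule by position, and the remaining rules are renumbered after every delete, so removing several rules has to go from the highest number down. The script below is an added example, not part of the original page: it reads `ufw status numbered` output and prints the delete commands in that order. The helper name `ufw_delete_plan` is hypothetical and the sample output is constructed.

```shell
#!/bin/sh
# Constructed sample of `sudo ufw status numbered` output (not from a real host).
SAMPLE=$(cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 22                         DENY IN     192.168.0.100
[ 4] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
)

# ufw_delete_plan TO   (hypothetical helper name)
# Reads `ufw status numbered` output on stdin and prints one
# `sudo ufw delete N` per rule whose "To" column equals TO, highest N first,
# so that earlier deletes do not shift the numbers of later ones.
ufw_delete_plan() {
    awk -v want="$1" '
        /^\[ *[0-9]+\]/ {
            line = $0
            sub(/^\[ */, "", line)          # "[ 1] 22/tcp ..." -> "1] 22/tcp ..."
            num = line
            sub(/\].*/, "", num)            # keep only the rule number
            sub(/^[0-9]+\] */, "", line)    # rest of the row, starting at "To"
            split(line, col, /[ \t]+/)
            if (col[1] == want) print num   # also matches the "(v6)" twin rule
        }' | sort -rn | while read -r n; do
            printf 'sudo ufw delete %s\n' "$n"
        done
}

# Real use: sudo ufw status numbered | ufw_delete_plan 22/tcp
printf '%s\n' "$SAMPLE" | ufw_delete_plan 22/tcp
```

The printed commands are a plan to review, not an action; `ufw delete N` still asks for confirmation when each one is run.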
HELP
HELP LINUX
Installation
$ apt install ufw # UBUNTU