-
查看防火墙状态:
sudo service ufw status
python@ubuntu:~$ sudo service ufw status
[sudo] python 的密码:
● ufw.service - Uncomplicated firewall
Loaded: loaded (/lib/systemd/system/ufw.service; enabled; vendor preset: enabled)
Active: active (exited) since 二 2019-04-30 10:19:53 CST; 2h 4min ago
Process: 346 ExecStart=/lib/ufw/ufw-init start quiet (code=exited, status=0/SUCCESS)
Main PID: 346 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/ufw.service
Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.
输入密码后,Active行显示active,即为激活状态。
-
开启防火墙:
拒绝所有外部访问
sudo ufw enable
sudo ufw default deny
python@ubuntu:~$ sudo ufw enable
在系统启动时启用和激活防火墙
python@ubuntu:~$ sudo ufw default deny
默认的 incoming 策略更改为 “deny”
(请相应地更新你的防火墙规则)
仅允许指定端口或服务访问,制定规则:
在设置上述关闭防火墙default deny命令之前执行:
sudo ufw allow ssh允许ssh访问
sudo ufw allow 8080允许8080端口访问
sudo ufw allow 8080/tcp允许8080端的tcp服务访问
sudo ufw allow from 123.45.67.89允许从一个 IP 地址连接删除某条规则:
sudo ufw delete allow 8080不再允许8080端口访问关闭防火墙:
sudo ufw disable
