页面“Ufw on debian”与“Docker 镜像瘦身优化容器优化”之间的差异

来自linux中国网wiki
(页面间的差异)
跳到导航 跳到搜索
 
(创建页面,内容为“ https://y0ngb1n.github.io/a/8df8f831.html”)
 
第1行: 第1行:
[[category:ops]]  [[category:debian]] 
 
  
=*  install=
 
  
apt  install ufw
+
https://y0ngb1n.github.io/a/8df8f831.html
 
 
=* Configuration=
 
<pre>
 
ufw enable
 
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
 
Firewall is active and enabled on system startup
 
 
 
 
 
 
 
UFW’s defaults are to deny all incoming connections and allow all outgoing connections.
 
 
 
可见 这两个不要手工执行了 默认就有的 现执行就可以连ssh都上不去了
 
ufw default deny incoming
 
ufw default allow outgoing
 
 
 
ufw status verbose
 
</pre>
 
 
 
=* Firewall Rules=
 
<pre>
 
ufw app list
 
 
 
 
ufw  allow 'SSH'
 
ufw  allow  22/tcp
 
ufw  allow WWW #其实就是80
 
 
 
 
 
ufw allow 'Nginx HTTP'
 
 
 
 
 
ufw allow 53/tcp </pre>
 
 
 
 
 
 
 
==** Port Ranges ==
 
<pre>
 
Port ranges may also be specified, a simple example for tcp would be:
 
 
 
  ufw allow 1000:2000/tcp
 
 
 
and for udp:
 
 
 
  ufw allow 1000:2000/udp</pre>
 
 
 
==** IP address==
 
<pre>An IP address may also be used:
 
 
 
ufw allow from 111.222.333.444</pre>
 
 
 
=* Deleting Rules=
 
<pre>
 
Rules may be deleted with the following command:
 
 
 
ufw delete allow ssh
 
 
 
ufw reset
 
 
 
 
 
</pre>
 
 
 
=troubleshooting=
 
<pre>
 
 
 
openssh都连接上去
 
 
 
这个导致上不了的
 
ufw default deny incoming
 
 
 
如何确定在 ssh这后再deny incoming 呢  参考iptalbes ?
 
 
 
 
 
 
 
</pre>
 
 
 
 
 
=* see also=
 
https://wiki.debian.org/Uncomplicated%20Firewall%20%28ufw%29
 
 
 
https://www.linode.com/docs/security/firewalls/configure-firewall-with-ufw/
 
 
 
 
 
https://help.ubuntu.com/community/UFW
 
 
 
https://www.digitalocean.com/community/tutorials/how-to-setup-a-firewall-with-ufw-on-an-ubuntu-and-debian-cloud-server
 
 
 
[https://zhuanlan.zhihu.com/p/36646621 ubuntu ufw 防火墙]
 

2020年2月28日 (五) 07:19的版本


https://y0ngb1n.github.io/a/8df8f831.html

取自“http://wiki.linuxchina.net/index.php?title=Ufw_on_debian&oldid=3049