配置ufw

警告
本文最后更新于 2022-12-11,文中内容可能已过时。

Ubuntu UFW 配置

(1)查看ufw信息

1
sudo ufw status

(2)激活ufw

1
sudo ufw enable

(3)阻止/允许IP

1
2
3
4
# 允许IP
sudo ufw allow from 203.0.113.101
# 阻止IP
sudo ufw deny from 203.0.113.100

(3)阻止/允许port

1
2
3
4
5
6
7
8
# 允许外部访问端口8080
sudo ufw allow 8080
# 允许某ip访问端口8080
sudo ufw allow from 203.0.113.101 to any port 8080
# 阻止外部访问端口8080
sudo ufw disable 8080
# 阻止某ip访问端口8080
sudo ufw deny from 203.0.113.101 to any port 8080

(4)阻止/允许ssh

1
2
3
4
# 允许
sudo ufw allow OpenSSH
# 阻止
sudo ufw disable OpenSSH

(5)查看支持的APP,并阻止/允许

1
sudo ufw app list | grep Nginx
1
2
3
4
#Output
  Nginx Full
  Nginx HTTP
  Nginx HTTPS

删除NginxFull

1
2
3
4
#允许
sudo ufw allow "Nginx Full"
#阻止
sudo ufw deny "Nginx Full"

(6)删除规则

先查看规则

1
sudo ufw status

选择对应的规则删除,例如第二个规则

1
sudo ufw delete 2

直接根据规则来删除

1
2
sudo ufw allow from 203.0.113.101 to any port 8080
sudo ufw delete allow from 203.0.113.101 to any port 8080
0%