Linux Security 101: UFW, the Uncomplicated Firewall
We start by listing the sockets that are listening for incoming traffic on the system, using the command below:
We see that ports 22, 8080 and 2322 are open for incoming traffic.
The "netstat" command might be deprecated on some systems; we could instead use the "ss" command with the "-l" flag, as we see below:
We could set the default rules to allow outgoing connections:
We could also set the default rules to reject incoming connections:
Now, we could add the "allow" rules for our ssh connections on port 22 from the network 10.111.23.0/24 for example:
We could also add the "allow" rules for our HTTP connections on port 8080 from the network 10.111.23.0/24:
In case we didn't deny all incoming connections by default, we could add a rule to reject any connection to port 2322:
Now, it is time to enable and start our firewall:
To check whether UFW is active on the system, we use the command below:
To remove a rule, for example the one related to port 2322, we use the command below:
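The whole procedure above, gathered into one script as an added example (it is not the original post's own commands). It also checks which listening ports have no "allow" rule before the default reject takes effect. The function names, the TCP-only allow rules and the sample `ss -ltn` output are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: UFW rule plan for the ports in this article, plus a check of
# listeners against the allow-list. Dry run by default; APPLY=1 runs ufw (root).

LAN="10.111.23.0/24"      # network used in the article
ALLOWED_PORTS="22 8080"   # ssh and http ports allowed from $LAN (TCP assumed)

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    0.0.0.0:8080       0.0.0.0:*
LISTEN 0      128    [::]:2322          [::]:*'

# Print the unique listening TCP ports found in `ss -ltn` output on stdin.
listening_ports() {
    awk '$1 == "LISTEN" { n = split($4, a, ":"); print a[n] }' | sort -n -u
}

# Print listening ports with no allow rule (unreachable once incoming is rejected).
unallowed_ports() {
    for p in $(listening_ports); do
        case " $ALLOWED_PORTS " in
            *" $p "*) ;;
            *) echo "$p" ;;
        esac
    done
}

# Emit the ufw commands in the order the article applies them.
# To remove the 2322 rule later: ufw delete reject 2322
ufw_plan() {
    echo "ufw default allow outgoing"
    echo "ufw default reject incoming"
    for p in $ALLOWED_PORTS; do
        echo "ufw allow from $LAN to any port $p proto tcp"
    done
    echo "ufw reject 2322"
    echo "ufw --force enable"   # --force skips the ssh-disruption prompt
    echo "ufw status verbose"
}

# Report uncovered listeners in the sample, then print (or apply) the plan.
printf '%s\n' "$SAMPLE_SS" | unallowed_ports | sed 's/^/no allow rule for port: /'
ufw_plan | while read -r cmd; do
    if [ "${APPLY:-0}" = "1" ]; then $cmd; else echo "+ $cmd"; fi
done
```

On a real host, replace the sample with `ss -ltn | unallowed_ports` and confirm the ssh allow rule covers the address you are connected from before running with `APPLY=1`.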