Ubuntu20.04 firewall setting simple tutorial (Xiaobai)

Foreword

In a society where the Internet is becoming more and more convenient, various Internet ransomware viruses are emerging one after another, even the Google browser is constantly updated to fix vulnerabilities. Many people think that only the Windows system is easy to get a virus. If you use the Linux system, it is not easy to get a virus. They often let their computers run naked without installing anti-virus software or turning on the firewall. In fact, there is also the possibility of viruses under Linux, but those viruses can hardly run automatically like under Windows systems. The characteristics of Linux determine that you need to give root permissions to software to run in many cases. This does make the computer virus. The odds are greatly reduced, but regardless of whether your Linux system is ubuntu or other distributions, even if you do not install anti-virus software, the firewall must be turned on. Unfortunately, many of our computers have turned off the firewall. Today’s blog is mainly Teach you how to turn on the firewall of the Ubuntu system to avoid the theft of important computer files.

1. installation

Ubuntu20.04 generally installs UFW (Uncomplicated Firewall) by default, which is a lightweight tool mainly used to monitor input and output traffic. If it is not installed, use the following command to install:

sudo apt install ufw

Normally, it should be disabled by default after installation. Enter the sudo ufw status verbose command to see the following interface:

This means that the firewall is not turned on, and the firewall is enabled below.

2. Enable

Enter the following command in the terminal:

sudo ufw enable
sudo ufw default deny

After running the above two commands, the firewall is turned on and automatically turned on when the system starts. Enter sudo ufw status verbose again, you can see the following interface:

The default configuration above means that all external access to the machine is closed, but the machine can access the outside normally. At the same time, I opened port 3690 to allow external access to the machine through port 3690. Here, SVN uses port 3690 by default. I can submit the code to this machine through SVN from outside.

3. Enable/disable

General users only need to set the following three commands:

sudo apt install ufw
sudo ufw enable
sudo ufw default deny

It is safe enough. If you need to open certain services, use the sudo ufw allow command to enable them, for example:

sudo ufw allow | deny [service]

Open or close a port, for example:

sudo ufw allow 53 allows external access to port 53(tcp/udp)

sudo ufw allow 3690 allows external access to port 3690(svn)

sudo ufw allow from192.168.1.111 Allow this IP to access all local ports

sudo ufw allow proto tcp from192.168.0.0/24 to any port 22 Allow specified IP segment to access specific port

sudo ufw delete allow smtp delete a certain rule established above, for example, delete svn port is sudo ufw delete allow 3690

4. Turn on/off firewall

sudo ufw enable | disable

5. Example

Here are some examples of the ufw command line:

ufw enable/disable: open/Close ufw

ufw status: View the defined ufw rules

ufw default allow/deny: external access is allowed by default/Refuse

ufw allow/deny 20: allowed/Deny access to port 20, followed by 20/tcp or/udp，表示tcp orudp封包。

sudo ufw allow proto tcp from192.168.0.0/24 to any port 22: Allow from 192.168.0.0/The tcp packet of 24 accesses port 22 of the machine.

ufw delete allow/deny 20: delete the previously defined"allow/Access to port 20 is denied"the rule of

This is the end of this article about the Ubuntu20.04 firewall setting simple tutorial (Xiaobai). For more related Ubuntu20.04 firewall settings, please search for ZaLou.Cn's previous articles or continue to browse the related articles below. Hope everyone Support ZaLou.Cn a lot in the future!