In this post, I continue my notes on preparing for the CKS (Certified Kubernetes Security Specialist) exam. These are my own notes, and you can refer to these articles while preparing for your own exam.
List of the series of posts:
- Ubuntu System
3. Linux UFW (Uncomplicated firewall)
3.1 What is UFW?
UFW stands for Uncomplicated Firewall.
Uncomplicated Firewall is a program for managing a netfilter firewall, designed to be easy to use. It uses a command-line interface consisting of a small number of simple commands, and uses iptables for configuration. UFW is available by default in all Ubuntu installations after 8.04 LTS.
3.2 UFW commonly used commands
```bash
# Installation
apt install ufw -y

# Enable (on a remote host, allow ssh first so the current session is not cut off)
ufw enable

# Disable
ufw disable

# Status query
ufw status

# Reset
ufw reset

# Allow all outgoing connections
ufw default allow outgoing

# Block all incoming connections
ufw default deny incoming

# Block connections from a specific IP (add it to the blacklist)
ufw deny from 192.168.29.36

# Block a specific port
ufw deny 80/tcp

# Allow ssh, http/https
ufw allow ssh
ufw allow http
ufw allow https

# Allow a specific TCP/UDP port
ufw allow 80/tcp
ufw allow 53/udp

# Specify rules by port range
ufw allow 9000:9002/tcp

# Set rules by source address range: the following rule allows clients in
# 192.168.0.0/24 to access port tcp/22 on this machine
ufw allow from 192.168.0.0/24 to any port 22 proto tcp

# View existing UFW rules
ufw status verbose
ufw status numbered   # lists rules with sequence numbers, which can be used for deletion

# Delete rules: just add "delete"
ufw delete allow http
ufw delete 2          # 2 is the sequence number from "ufw status numbered" above

# Restart the machine
shutdown -r now
```
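As an added example (not part of the original notes), the shell function below audits `ufw status verbose` output against the default-deny baseline that the commands above build. The name `ufw_audit`, its allowlist argument and the sample status text are assumptions constructed for illustration, and it only handles simple port/proto rules like the ones listed here.

```shell
#!/bin/sh
# Added example: audit `ufw status verbose` text (read from stdin) against a baseline.
# Live use (as root): ufw status verbose | ufw_audit "22/tcp 443/tcp"

# Constructed sample output, built from rules shown in the command list.
sample_status() {
cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    192.168.0.0/24
443/tcp                    ALLOW IN    Anywhere
9000:9002/tcp              ALLOW IN    Anywhere
Anywhere                   DENY IN     192.168.29.36
443/tcp (v6)               ALLOW IN    Anywhere (v6)
9000:9002/tcp (v6)         ALLOW IN    Anywhere (v6)
EOF
}

# $1: space-separated "To" values allowed to be open to Anywhere (hypothetical allowlist).
# Prints one FINDING line per problem; exit status is 1 if any finding, else 0.
ufw_audit() {
    awk -v allowed="$1" '
        function finding(msg) { print "FINDING: " msg; bad = 1 }
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^Status:/  { status = $2 }
        /^Default:/ { incoming = $2 }          # first word is the incoming policy
        /^--/       { in_rules = 1; next }     # rule table starts after the separator
        in_rules && NF {
            gsub(/ \(v6\)/, "")                # fold IPv6 rows onto their IPv4 twin
            if ($2 == "ALLOW" && $3 == "IN" && $4 == "Anywhere" && !($1 in ok) && !seen[$1]++)
                finding($1 " is open to Anywhere but is not in the allowlist")
        }
        END {
            if (status != "active") finding("ufw is not active")
            else if (incoming != "deny" && incoming != "reject")
                finding("default incoming policy is " incoming)
            exit bad
        }
    '
}

sample_status | ufw_audit "22/tcp 443/tcp" || true   # demo run on the constructed sample
```

Rules restricted to a source range, such as the `192.168.0.0/24` ssh rule, are not flagged because they are not open to Anywhere.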
In this post, I gave some examples of how to harden networking on a Linux system with UFW.