prepare for cks exam with me 5: Linux UFW (Uncomplicated Firewall)
1. Purpose
In this post, I continue the series on preparing for the CKS (Certified Kubernetes Security Specialist) exam. These are my own study notes for the exam; you can use them as a starting point for your own preparation.
List of the series of posts:
-prepare for cks exam with me 1: Linux user and group management
-prepare for cks exam with me 2: Linux ssh hardening
-prepare for cks exam with me 3: Linux remove obsolete packages and services
-prepare for cks exam with me 4: Linux kernel hardening
-prepare for cks exam with me 5: Linux UFW(Uncomplicated firewall)
-prepare for cks exam with me 6: Seccomp in Linux, Docker and Kubernetes
-prepare for cks exam with me 7: Apparmor in Linux, Docker and Kubernetes
-prepare for cks exam with me 8: Security context in Kubernetes
-prepare for cks exam with me 9: Admission controllers in Kubernetes
-prepare for cks exam with me 10: Pod security policy in Kubernetes
-prepare for cks exam with me 11: Open policy agent in Kubernetes
-prepare for cks exam with me 12: Secrets in Kubernetes
-prepare for cks exam with me 13: Container runtimes(gvisor/kata containers) in Kubernetes
-prepare for cks exam with me 14: Container Image security in Docker and Kubernetes
-prepare for cks exam with me 15: How to print docker images of all pods in kubernetes
2. Environment
- CKS
- Ubuntu System
3. Linux UFW (Uncomplicated firewall)
3.1 What is UFW?
UFW (Uncomplicated Firewall) is a front end for managing a netfilter host firewall, designed to be easy to use. It exposes a command-line interface with a small number of simple commands and writes the corresponding iptables rules for you, so you can express a host policy (deny inbound by default, allow outbound, then a short list of explicit allows) without hand-writing iptables. UFW has shipped by default in every Ubuntu release since 8.04 LTS, which is why it is the tool the CKS exam environment expects for host-level network hardening. All ufw commands need root, so prefix them with sudo if you are not root.
3.2 UFW commonly used commands
#Installation
apt install ufw -y
#Enable the firewall (it is then also started on every boot). On a remote machine, add an allow rule for ssh first so you do not lock yourself out
ufw enable
#Disable the firewall
ufw disable
#Status query
ufw status
#Reset: delete all rules and disable the firewall
ufw reset
#Default policy: allow all outgoing connections
ufw default allow outgoing
#Default policy: block every incoming connection that no rule explicitly allows
ufw default deny incoming
#Block all connections from a specific IP (a blacklist entry). Rules are matched in order and the first match wins, so put blacklist entries before any broad allow rule
ufw deny from 192.168.29.36
#Block a specific port
ufw deny 80/tcp
#Allow ssh and http/https by service name (resolved through /etc/services). Note: if the deny 80/tcp rule above is still present it matches first, and allow http has no effect until that deny is deleted
ufw allow ssh
ufw allow http
ufw allow https
#Allow a specific TCP or UDP port
ufw allow 80/tcp
ufw allow 53/udp
#Allow a port range
ufw allow 9000:9002/tcp
#Restrict by source address: only clients in 192.168.0.0/24 may reach tcp/22 on this machine
ufw allow from 192.168.0.0/24 to any port 22 proto tcp
#View existing rules together with the default policies and logging level
ufw status verbose
#List the rules with their sequence numbers; the number is what you use to delete a rule
ufw status numbered
#Delete a rule either by repeating it after delete, or by its sequence number from ufw status numbered
ufw delete allow http
ufw delete 2
#Reboot and run ufw status again to confirm the rules survive a restart (ufw reapplies them at boot once enabled)
shutdown -r now
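The commands above are the building blocks; what matters in practice is the order they are applied in (first match wins, so a blacklist entry appended after a broad allow never fires) and being able to check afterwards which ports are still open to the whole world. The script below is an added example written for this post, not code from the original article or from the ufw project: it emits the baseline from section 3.2 in a safe order, prints it as a plan by default (DRY_RUN=1) or applies it as root (DRY_RUN=0), and audits `ufw status numbered` output for ALLOW rules whose source is Anywhere. ADMIN_NET, BLOCKED_IPS and the SAMPLE_STATUS text are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example, not part of the original post: builds the UFW baseline from
# section 3.2 in the order ufw must receive it, and audits `ufw status numbered`
# output for ALLOW rules reachable from any source. ADMIN_NET, BLOCKED_IPS and
# SAMPLE_STATUS are assumptions constructed for this example.
set -eu

ADMIN_NET="${ADMIN_NET:-192.168.0.0/24}"      # assumption: subnet admins SSH from
BLOCKED_IPS="${BLOCKED_IPS:-192.168.29.36}"   # assumption: space-separated blacklist
DRY_RUN="${DRY_RUN:-1}"                       # 1 = print the plan, 0 = run it as root

# Emit the baseline. ufw stops at the first matching rule, so each blacklist
# entry is inserted at position 1 after the allows exist; appended later with a
# plain "ufw deny from", it would sit below "allow 80/tcp" and never match port 80.
baseline_rules() {
    cat <<EOF
ufw --force reset
ufw default deny incoming
ufw default allow outgoing
ufw allow from ${ADMIN_NET} to any port 22 proto tcp
ufw allow 80/tcp
ufw allow 443/tcp
EOF
    for ip in ${BLOCKED_IPS}; do
        echo "ufw insert 1 deny from ${ip}"
    done
    echo "ufw --force enable"
}

# Print or execute the plan. SSH from ADMIN_NET is allowed before "ufw enable",
# so an admin working over SSH keeps their session when the firewall comes up.
apply_rules() {
    baseline_rules | while IFS= read -r cmd; do
        if [ "$DRY_RUN" = "1" ]; then
            echo "$cmd"
        else
            eval "$cmd"
        fi
    done
}

# Audit: read `ufw status numbered` on stdin and print "<number> <port>" for
# every ALLOW IN rule whose source is Anywhere (v4 or v6). Assumes the current
# output format, which has an explicit IN/OUT direction column.
world_reachable_allows() {
    awk '
        /^\[ *[0-9]+]/ {
            line = $0
            v6 = (line ~ /\(v6\)/) ? " (v6)" : ""
            gsub(/ \(v6\)/, "", line)
            sub(/^\[ */, "", line)
            sub(/] +/, " ", line)
            n = split(line, f, / +/)
            # f[1]=number f[2]=To f[3]=Action f[4]=Direction f[5]=From
            if (n >= 5 && f[3] == "ALLOW" && f[4] == "IN" && f[5] == "Anywhere")
                print f[1] " " f[2] v6
        }'
}

# Constructed sample of `ufw status numbered` output after the baseline above.
SAMPLE_STATUS='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   DENY IN     192.168.29.36
[ 2] 22/tcp                     ALLOW IN    192.168.0.0/24
[ 3] 80/tcp                     ALLOW IN    Anywhere
[ 4] 443/tcp                    ALLOW IN    Anywhere
[ 5] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 6] 443/tcp (v6)               ALLOW IN    Anywhere (v6)'

apply_rules
echo
echo "ALLOW rules reachable from anywhere (expected: only 80 and 443):"
printf '%s\n' "$SAMPLE_STATUS" | world_reachable_allows
```

Run it as-is to see the plan; run `DRY_RUN=0 sudo sh ufw-baseline.sh` to apply it. To audit a live host instead of the constructed sample, feed the real output in with `sudo ufw status numbered | ...` into world_reachable_allows; port 22 should never appear in that list once the source-restricted SSH rule is in place.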
4. Summary
In this post, I showed how to harden the network exposure of a Linux host with UFW: set the default policies, allow only the ports and source ranges that are needed, and verify the result with ufw status.