2013-07-28 19:03:23 +02:00
|
|
|
Ufw (Uncomplicated Firewall) is program for managing a netfilter firewall.
|
|
|
|
It provides a command line interface and aims to be uncomplicated and easy
|
|
|
|
to use. It is not intended to provide a complete firewall functionality via
|
|
|
|
its command interface, but provides an easy way to add or remove simple rules.
|
|
|
|
|
|
|
|
To run ufw at boot you can add the following code to rc.local file:
|
|
|
|
|
2014-09-21 13:36:48 +02:00
|
|
|
if [ -x /lib/ufw/ufw-init ]; then
|
|
|
|
/lib/ufw/ufw-init start
|
2013-07-28 19:03:23 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
Rules can be added with ports, services or application names. To specify an
|
|
|
|
application you need a profile stored under /etc/ufw/applications.d directory.
|
|
|
|
|
|
|
|
To add a profile create a app_name.INI file as the following:
|
|
|
|
|
|
|
|
[Samba]
|
|
|
|
title=File/printer server for Unix
|
|
|
|
description=Samba is a collection of programs that implements the SMB/CIFS protocol for unix systems.
|
|
|
|
ports=137,138/udp|139,445/tcp
|
|
|
|
|
|
|
|
Then, for example you can run:
|
|
|
|
ufw allow from xx.xx.xx.xx app samba
|
|
|
|
|