Ubuntu 는 앞에 sudo 입력
설치: apt-get -y install ufw
활성화 : ufw enable
비활성화: ufw disable
전부막음: ufw default deny
전부허용: ufw default allow
서비스이름으로 허용 : ufw allow http
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow ftp
sudo ufw allow mysql
막음 :ufw deny http
포트허용 :ufw allow 80
막음 :ufw deny 80
포트/프로토콜로 막음 : ufw deny 80/tcp
허용 : ufw allow 80/allow
특정IP(port) 허용 :sudo ufw allow from 111.111.111.111 to any port 21
특정IP(port) 막음 :sudo ufw deny from 111.111.111.111 to any port 21
IP 영역대 전부 막기
|
1 2 3 4 5 |
.IP 차단 방법 1. /etc/ufw/before.rules(# End required lines 적힌 줄 다음에 차단할 IP를 입력한다.) -A ufw-before-input -s xxx.xxx.xxx.xxx -j DROP |
참조 : https://www.cyberciti.biz/faq/how-to-block-an-ip-address-with-ufw-on-ubuntu-linux-server/
|
1 2 3 4 5 6 7 8 9 10 |
sudo vi /etc/ufw/before.rules # Block spammers -A ufw-before-input -s 178.137.80.191 -j DROP # Block ip/net (subnet) -A ufw-before-input -s 202.54.1.0/24 -j DROP $ sudo ufw reload |
에러시 : Firewall not enabled (skipping reload
|
1 2 3 4 5 6 7 8 9 10 |
root@auction:~$ sudo ufw disable Firewall stopped and disabled on system startup root@auction:~$ sudo ufw status verbose Status: inactive root@auction:~$ sudo ufw enable Command may disrupt existing ssh connection. Proceed with operation (y|n)? y |