Debian使用UFW进行端口访问管理

#Debian使用UFW进行端口访问管理
我们来安装了debian后,debian默认的防火墙管理工具室ufw,这里我就不对ufw进行介绍了只是介绍在debian如何通过ufw来实现对端口的管理
下面我们就来具体看看
##查看ufw状态

chengjian@debian:~$ sudo ufw status

Status: active

To                         Action      From
--                         ------      ----
8080                       ALLOW       Anywhere
8082                       ALLOW       Anywhere
1521                       ALLOW       Anywhere
3306                       ALLOW       Anywhere
8083                       ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
80/udp                     ALLOW       Anywhere
8080 (v6)                  ALLOW       Anywhere (v6)
8082 (v6)                  ALLOW       Anywhere (v6)
1521 (v6)                  ALLOW       Anywhere (v6)
3306 (v6)                  ALLOW       Anywhere (v6)
8083 (v6)                  ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
80/udp (v6)                ALLOW       Anywhere (v6)

从上面可以看到我这个机器开放了很多端口的访问
##添加端口

chengjian@debian:~$ sudo ufw allow 8888
Rule added
Rule added (v6)

这个命令我们添加了一个8888端口的访问,再看看状态

chengjian@debian:~$ sudo ufw status

Status: active

To                         Action      From
--                         ------      ----
8080                       ALLOW       Anywhere
8082                       ALLOW       Anywhere
1521                       ALLOW       Anywhere
3306                       ALLOW       Anywhere
8083                       ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
80/udp                     ALLOW       Anywhere
8888                       ALLOW       Anywhere
8080 (v6)                  ALLOW       Anywhere (v6)
8082 (v6)                  ALLOW       Anywhere (v6)
1521 (v6)                  ALLOW       Anywhere (v6)
3306 (v6)                  ALLOW       Anywhere (v6)
8083 (v6)                  ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
80/udp (v6)                ALLOW       Anywhere (v6)
8888 (v6)                  ALLOW       Anywhere (v6)

看这里面就有了我们新增的一条规则了
##删除规则

chengjian@debian:~$ sudo ufw delete allow 8888
Rule deleted
Rule deleted (v6)

看一下命令执行状态

Status: active

To                         Action      From
--                         ------      ----
8080                       ALLOW       Anywhere
8082                       ALLOW       Anywhere
1521                       ALLOW       Anywhere
3306                       ALLOW       Anywhere
8083                       ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
80/udp                     ALLOW       Anywhere
8080 (v6)                  ALLOW       Anywhere (v6)
8082 (v6)                  ALLOW       Anywhere (v6)
1521 (v6)                  ALLOW       Anywhere (v6)
3306 (v6)                  ALLOW       Anywhere (v6)
8083 (v6)                  ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
80/udp (v6)                ALLOW       Anywhere (v6)

你看现在就已经没有了8888端口的配置了

##针对特定协议配置
我们有时候会有针对性的对某些协议进行配置,这里我们来看看针对8888端口只开启tcp请求

chengjian@debian:~$ sudo ufw allow 8888/tcp
Rule added
Rule added (v6)

Status: active

To                         Action      From
--                         ------      ----
8080                       ALLOW       Anywhere
8082                       ALLOW       Anywhere
1521                       ALLOW       Anywhere
3306                       ALLOW       Anywhere
8083                       ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
80/udp                     ALLOW       Anywhere
8888/tcp                   ALLOW       Anywhere
8080 (v6)                  ALLOW       Anywhere (v6)
8082 (v6)                  ALLOW       Anywhere (v6)
1521 (v6)                  ALLOW       Anywhere (v6)
3306 (v6)                  ALLOW       Anywhere (v6)
8083 (v6)                  ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
80/udp (v6)                ALLOW       Anywhere (v6)
8888/tcp (v6)              ALLOW       Anywhere (v6)

你看这里我们的8888端口就只有tcp的访问了

你可能感兴趣的:(Linux)