Metainformationen zur Seite
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung | ||
start:linux:ubuntu:ufw [2020/06/29 14:45] wikiadmin [Wo wird was gespeichert ?] |
start:linux:ubuntu:ufw [2020/06/29 15:19] (aktuell) wikiadmin [Einige Beispielanwendungen] |
||
---|---|---|---|
Zeile 167: | Zeile 167: | ||
</ | </ | ||
+ | Hier eine Beispielausgabe der Datei: **/ | ||
<code CPP [enable_line_numbers=" | <code CPP [enable_line_numbers=" | ||
+ | root@HPGen10-1: | ||
+ | # | ||
+ | # rules.input-after | ||
+ | # | ||
+ | # Rules that should be run after the ufw command line added rules. Custom | ||
+ | # rules should be added to one of these chains: | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | |||
+ | # Don't delete these required lines, otherwise there will be errors | ||
+ | *filter | ||
+ | : | ||
+ | : | ||
+ | : | ||
+ | # End required lines | ||
+ | |||
+ | # don't log noisy services by default | ||
+ | -A ufw-after-input -p udp --dport 137 -j ufw-skip-to-policy-input | ||
+ | -A ufw-after-input -p udp --dport 138 -j ufw-skip-to-policy-input | ||
+ | -A ufw-after-input -p tcp --dport 139 -j ufw-skip-to-policy-input | ||
+ | -A ufw-after-input -p tcp --dport 445 -j ufw-skip-to-policy-input | ||
+ | -A ufw-after-input -p udp --dport 67 -j ufw-skip-to-policy-input | ||
+ | -A ufw-after-input -p udp --dport 68 -j ufw-skip-to-policy-input | ||
+ | |||
+ | # don't log noisy broadcast | ||
+ | -A ufw-after-input -m addrtype --dst-type BROADCAST -j ufw-skip-to-policy-input | ||
+ | |||
+ | # don't delete the ' | ||
+ | COMMIT | ||
+ | root@HPGen10-1: | ||
+ | |||
</ | </ | ||
+ | |||
+ | ===== Einige Beispielanwendungen ===== | ||
+ | |||
<code CPP [enable_line_numbers=" | <code CPP [enable_line_numbers=" | ||
+ | # Listet alle Anwendungen auf die durch die Firewall gelangen soll. | ||
+ | ufw app list | ||
+ | |||
+ | # Zeigt die Details zu OpenSSH an. | ||
+ | ufw app info OpenSSH | ||
+ | |||
+ | # Lässt OpenSSH durch die Firewall. | ||
+ | ufw allow OpenSSH | ||
+ | |||
+ | # Zeigt die Einstellungen an. | ||
+ | ufw status | ||
+ | |||
+ | # Den Port 32456 über TCP freizugeben | ||
+ | ufw 32456/tcp | ||
+ | |||
</ | </ | ||
+ | |||
+ | ===== Dokumentation ===== | ||
+ | Mit folgendem Behfehl lässt sich die Dokumentation von **ufw** ausgeben | ||
+ | |||
+ | <code C#> | ||
+ | sudo man ufw | ||
+ | </ | ||
+ | |||
+ | <code C#> | ||
+ | root@HPGen10-1: | ||
+ | |||
+ | Usage: ufw COMMAND | ||
+ | |||
+ | Commands: | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | allow ARGS add allow rule | ||
+ | deny ARGS add deny rule | ||
+ | | ||
+ | limit ARGS add limit rule | ||
+ | | ||
+ | | ||
+ | route RULE add route RULE | ||
+ | route delete RULE|NUM | ||
+ | route insert NUM RULE | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | show ARG show firewall report | ||
+ | | ||
+ | |||
+ | Application profile commands: | ||
+ | app list list application profiles | ||
+ | app info PROFILE | ||
+ | app update PROFILE | ||
+ | app default ARG set default application policy | ||
+ | |||
+ | root@HPGen10-1: | ||
+ | </ | ||
+ |