Created
January 7, 2019 15:57
-
-
Save SevenLayerJedi/24b6f106b70b95757c4d7ee131090c69 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # UFW Commands to make your life eaiser | |
| # Install UFW | |
| sudo apt-get update | |
| sudo apt-get install ufw | |
| # View UFW Status | |
| sudo ufw status | |
| # Enable UFW | |
| sudo ufw enable | |
| # Disable UFW | |
| sudo ufw disable | |
| # Set to factory default | |
| sudo ufw reset | |
| # Reload the firewall | |
| sudo ufw reload | |
| # See the firewall logs live | |
| sudo tail -f /var/log/ufw.log | |
| # Show raw report of firewall | |
| sudo ufw show raw | |
| # Show listening report of firewall | |
| sudo ufw show listening | |
| # Other rules reports | |
| sudo ufw show builtins | |
| sudo ufw show before-rules | |
| sudo ufw show user-rules | |
| sudo ufw show after-rules | |
| sudo ufw show logging-rules | |
| # Show rules with numbers | |
| sudo ufw status numbered | |
| # View status of rules | |
| sudo ufw status | |
| sudo ufw status verbose | |
| # Delete a rule | |
| sudo ufw delete %rulenumber% | |
| # Insert a rule in a particular place | |
| sudo ufw insert 1 %rule% | |
| # Block IP Address | |
| sudo ufw deny from 10.10.25.20 | |
| # Block connection to specific interface | |
| sudo ufw deny in on eth0 from 10.10.25.20 | |
| # Reject SSH traffic from specific IP | |
| # They will receive a "telnet: Unable to connect to remote host: Connection refused" | |
| sudo ufw reject 22 in from 60.60.60.60 comment 'Dont allow SSH traffic' | |
| # Allow Service (ssh) | |
| sudo ufw allow ssh | |
| sudo ufw allow 22 | |
| # Allow SSH and add a comment | |
| sudo ufw allow proto tcp from any to any port 22 comment 'ssh allow rule' | |
| # Allow SSH from specific ip address or subnet | |
| sudo ufw allow from 10.10.25.0/24 to any port 22 | |
| # Allow port range for tcp | |
| sudo ufw allow 2000:2500/tcp | |
| # Allow incoming RSYNC from specific IP | |
| sudo ufw allow from 10.10.25.0/24 to any port 873 | |
| # Allow all incoming HTTP | |
| sudo ufw allow http | |
| sudo ufw allow 80 | |
| # Allow all incoming HTTPS | |
| sudo ufw allow https | |
| sudo ufw allow 443 | |
| # Allow all incoming HTTP and HTTPS | |
| sudo ufw allow proto tcp from any to any port 80,443 | |
| # Allow MYSQL from specific IP | |
| sudo ufw allow from 15.15.15.1 to any port 3306 | |
| # Allow PostgreSQL to specific interface | |
| sudo ufw allow in on eth1 to any port 5432 | |
| # Block outgoing SMTP | |
| sudo ufw deny out 25 | |
| Allow all incoming mail | |
| sudo ufw allow 25 | |
| sudo ufw allow 143 | |
| sudo ufw allow 993 | |
| sudo ufw allow 110 | |
| sudo ufw allow 995 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment