Skip to content

Instantly share code, notes, and snippets.

@ianchen06
Created August 5, 2015 08:28
Show Gist options
  • Save ianchen06/4a9adc3511820ee1dc65 to your computer and use it in GitHub Desktop.
Save ianchen06/4a9adc3511820ee1dc65 to your computer and use it in GitHub Desktop.
Setting up ufw on Centos

iptablesを直接いじりたくないのでufwを導入します。 sudo yum install wget make mkdir -p ~/src cd ~/src wget https://launchpad.net/ufw/0.33/0.33/+download/ufw-0.33.tar.gz tar xzf ufw-0.33.tar.gz cd ufw-0.33 sudo python ./setup.py install cd ../ sudo rm -rf ufw-0.33 sudo chmod -R g-w /etc/ufw /lib/ufw /etc/default/ufw /usr/sbin/ufw

sudo service iptables stop sudo service ip6tables stop sudo chkconfig --del iptables sudo chkconfig --del ip6tables

$ sudo ufw status Status: inactive

$ sudo ufw reset $ sudo ufw default deny $ sudo ufw allow 22 $ sudo ufw allow 80 $ sudo ufw allow 443 $ sudo ufw enable $ sudo ufw status Status: active

To Action From


22 ALLOW Anywhere 80 ALLOW Anywhere 443 ALLOW Anywhere 22 ALLOW Anywhere (v6) 80 ALLOW Anywhere (v6) 443 ALLOW Anywhere (v6) 念のため別コンソール開いてssh繋がるか確認してください(ssh繋げたまま) 次は常時起動設定 sudo sh -c "echo '/usr/sbin/ufw enable' >> /etc/rc.local" $ sudo cat /etc/rc.local | tail -3 # 念のため確認

touch /var/lock/subsys/local /usr/sbin/ufw enable $ sudo reboot 立ち上がったらちゃんと起動できてるか確認 $ sudo ufw status Status: active

To Action From


22 ALLOW Anywhere 80 ALLOW Anywhere 443 ALLOW Anywhere 22 ALLOW Anywhere (v6) 80 ALLOW Anywhere (v6) 443 ALLOW Anywhere (v6) お疲れ様でした

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment