31 lines
447 B
Markdown
31 lines
447 B
Markdown
|
# UFW config
|
||
|
|
|
||
|
|
To enable UFW :
|
||
|
|
```
|
||
|
|
# dinitctl enable ufw
|
||
|
|
# ufw enable
|
||
|
|
```
|
||
|
|
|
||
|
|
Deny all incoming traffic by default, allow outgoing :
|
||
|
|
```
|
||
|
|
# ufw default deny incoming
|
||
|
|
# ufw default allow outgoing
|
||
|
|
```
|
||
|
|
|
||
|
|
Open needed ports, here an example with `SSH` :
|
||
|
|
```
|
||
|
|
# ufw allow ssh
|
||
|
|
```
|
||
|
|
|
||
|
|
> Common ports are `ssh`, `http`, `https`, `dns`, etc...
|
||
|
|
|
||
|
|
You may also limit SSH connections against brute-force :
|
||
|
|
```
|
||
|
|
# ufw limit ssh
|
||
|
|
```
|
||
|
|
|
||
|
|
Then reload UFW :
|
||
|
|
```
|
||
|
|
# ufw reload
|
||
|
|
```
|