\nsudo apt-get install ufw
\n
![\"\"](\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2020\/01\/Ubuntu-FW-000.png\")
<\/p>\nUbuntu\u4e5f\u662f\u67b6\u8a2dServer\u5e38\u7528\u7684Linux\u4f5c\u696d\u7cfb\u7d71\uff0c\u5feb\u8ddf\u8457\u5c0f\u7de8\u4e00\u8d77\u4f86\u4e86\u89e3\u5982\u4f55\u8a2d\u5b9a\u5167\u5efa\u7684\u9632\u706b\u7246\u8edf\u9ad4\u5427!<\/p>\n
[1]\u3001\u5b89\u88dd\u9632\u706b\u7246\u8edf\u9ad4(\u4e00\u822c\u4f86\u8aaa\u9810\u8a2d\u90fd\u662f\u6709\u5b89\u88dd\u7684)
\nsudo apt-get install ufw
\n<\/p>\n
[2]\u3001\u4e0d\u9650\u5236IP\u4f86\u6e90\u7684\u72c0\u6cc1\u4e0b\u958b\u653e\u670d\u52d9Port
\nsudo ufw allow ssh
\nsudo ufw allow http
\nsudo ufw allow https
\nsudo ufw allow 5432
\n![\"\"](\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2020\/01\/Ubuntu-FW-001.png\")
<\/p>\n
[3]\u3001\u9650\u5236\u4f86\u6e90IP\u4e26\u5141\u8a31\u4efb\u4f55Port
\nsudo ufw allow from 192.168.0.1\/32
\nsudo ufw allow from 192.168.1.200\/32
\nsudo ufw allow from 192.168.3.11\/32
\n![\"\"](\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2020\/01\/Ubuntu-FW-002.png\")
<\/p>\n
[4]\u3001\u9650\u5236\u4f86\u6e90IP\u4e26\u5141\u8a31\u7279\u5b9aPort
\nsudo ufw allow from 192.168.33.55 to any port 22
\nsudo ufw allow from 192.168.7.5 to any port 80
\n![\"\"](\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2020\/01\/Ubuntu-FW-008.png\")
<\/p>\n
[5]\u3001\u555f\u52d5\u9632\u706b\u7246
\nsudo ufw enable
\n![\"\"](\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2020\/01\/Ubuntu-FW-003.png\")
<\/p>\n
[6]\u3001\u95dc\u9589\u9632\u706b\u7246
\nsudo ufw disable
\n![\"\"](\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2020\/01\/Ubuntu-FW-010.png\")
<\/p>\n
[7]\u3001\u67e5\u770b\u9632\u706b\u7246\u8a2d\u5b9a\u72c0\u614b
\nsudo ufw status
\n![\"\"](\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2020\/01\/Ubuntu-FW-004.png\")
<\/p>\n
\u5e36\u51fa\u9632\u706b\u7246\u8a2d\u5b9a\u72c0\u614b\u4e26\u5e36\u51fa\u7de8\u865f\u7684\u6307\u4ee4
\nsudo ufw status numbered
\n![\"\"](\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2020\/01\/Ubuntu-FW-005.png\")
<\/p>\n
[8]\u3001\u522a\u9664\u9632\u706b\u7246\u7b2c3\u689d\u898f\u5247
\nsudo ufw delete 3
\n![\"\"](\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2020\/01\/Ubuntu-FW-006.png\")
<\/p>\n
[9]\u3001\u522a\u9664\u6240\u6709\u9632\u706b\u7246\u8a2d\u5b9a
\nsudo ufw reset
\n![\"\"](\"https:\/\/ailog.tw\/lifelog\/wp-content\/uploads\/2020\/01\/Ubuntu-FW-007.png\")
<\/p>\n
[10]\u3001\u9632\u706b\u7246\u9810\u8a2d\u898f\u5247\u662f\u5c01\u9396\u9084\u662f\u653e\u884c\u8a2d\u5b9a(\u5176\u5be6\u5c31\u662f\u6b63\u5411\u8868\u5217\u8ddf\u8ca0\u5411\u8868\u5217\u7684\u7528\u9014)
\n10.1\u3001\u8a2d\u5b9a\u70ba\u9810\u8a2d\u653e\u884c
\nsudo ufw default allow
\n\u5099\u8a3b\u8aaa\u660e\uff1a\u4f7f\u7528\u5728\u8ca0\u5411\u8868\u5217\u7684\u60c5\u5883\uff0c\u898f\u5247\u4e2d\u90fd\u662f\u8a2d\u5b9a\u300c\u62d2\u7d55\u9023\u7dda\u300d\u7684\u689d\u5217\uff0c\u4e0d\u5728\u898f\u5247\u5b9a\u7fa9\u7684\uff0c\u901a\u901a\u90fd\u662f\u300c\u5141\u8a31\u300d\u3002<\/p>\n
10.2\u3001\u8a2d\u5b9a\u70ba\u9810\u8a2d\u5c01\u9396
\nsudo ufw default deny
\n\u5099\u8a3b\u8aaa\u660e\uff1a\u4f7f\u7528\u5728\u6b63\u5411\u8868\u5217\u7684\u60c5\u5883\uff0c\u898f\u5247\u4e2d\u90fd\u662f\u8a2d\u5b9a\u300c\u5141\u8a31\u300d\u9023\u7dda\u7684\u689d\u5217\uff0c\u4e0d\u5728\u898f\u5247\u5b9a\u7fa9\u7684\uff0c\u901a\u901a\u90fd\u662f\u300c\u62d2\u7d55\u9023\u7dda\u300d\u3002<\/p>\n
[11]\u3001\u8a2a\u706b\u7246\u8a2d\u5b9a\u898f\u5247\u88dc\u5145
\n\u4e0a\u8ff0\u7684\u6240\u6709\u9632\u706b\u7246\u898f\u5247\u8a2d\u5b9a\u53ea\u8981\u6709\u300callow\u300d\u8ddf\u300cdeny\u300d\u7684\u5730\u65b9\u90fd\u53ef\u4ee5\u4e92\u63db\uff0c\u5c31\u770b\u60c5\u5883\u7684\u9700\u6c42\u662f\u4ec0\u9ebc\uff0c\u9019\u500b\u5c31\u8b93\u5927\u5bb6\u81ea\u5df1\u52d5\u52d5\u8166\u6402!<\/p>\n","protected":false},"excerpt":{"rendered":"
Ubuntu\u4e5f\u662f\u67b6\u8a2dServer\u5e38\u7528\u7684Linux\u4f5c\u696d\u7cfb\u7d71\uff0c\u5feb\u8ddf\u8457\u5c0f\u7de8\u4e00\u8d77\u4f86\u4e86\u89e3\u5982\u4f55\u8a2d\u5b9a\u5167\u5efa\u7684\u9632\u706b\u7246\u8edf\u9ad4\u5427!<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,379],"tags":[167,740,751],"class_list":["post-2311","post","type-post","status-publish","format-standard","hentry","category-itinfo","category-linux","tag-firewall","tag-ubuntu-18","tag-ufw"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/posts\/2311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/comments?post=2311"}],"version-history":[{"count":2,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/posts\/2311\/revisions"}],"predecessor-version":[{"id":2323,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/posts\/2311\/revisions\/2323"}],"wp:attachment":[{"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/media?parent=2311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/categories?post=2311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ailog.tw\/lifelog\/wp-json\/wp\/v2\/tags?post=2311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}