Ufw
Jump to navigation
Jump to search
UFW (uncomplicated firewall) is a simple firewall (script) to use on Linux distributions. It is basically a wrapper around Iptables.
It is easy to enable and manage the rules.
See this tutorial to get started.
I found it helpful to bump up the logging level to see more than just the denials.
$ sudo ufw logging medium
Log messages appear in /var/log/syslog (on Ubuntu, anyway) with prefixes like [UFW AUDIT] and [UFW BLOCK]
Jun 24 12:02:43 omega kernel: [ 3060.890170] [UFW BLOCK] IN=ens3 OUT= MAC=04:01:37:84:98:01:3c:8a:b0:0d:3f:f0:08:00 SRC=77.72.85.8 DST=104.236.136.20 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=20036 PROTO=TCP SPT=59741 DPT=1509 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 24 12:02:46 omega kernel: [ 3063.300709] [UFW AUDIT] IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36160 DF PROTO=TCP SPT=40520 DPT=3306 WINDOW=43690 RES=0x00 SYN URGP=0
More info