From ConShell
Jump to navigation Jump to search

UFW (uncomplicated firewall) is a simple firewall (script) to use on Linux distributions. It is basically a wrapper around Iptables.

It is easy to enable and manage the rules.

See this tutorial to get started.


I found it helpful to bump up the logging level to see more than just the denials.

$ sudo ufw logging medium

Log messages appear in /var/log/syslog (on Ubuntu, anyway) with prefixes like [UFW AUDIT] and [UFW BLOCK]

Jun 24 12:02:43 omega kernel: [ 3060.890170] [UFW BLOCK] IN=ens3 OUT= MAC=04:01:37:84:98:01:3c:8a:b0:0d:3f:f0:08:00 SRC= DST= LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=20036 PROTO=TCP SPT=59741 DPT=1509 WINDOW=1024 RES=0x00 SYN URGP=0 
Jun 24 12:02:46 omega kernel: [ 3063.300709] [UFW AUDIT] IN= OUT=lo SRC= DST= LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36160 DF PROTO=TCP SPT=40520 DPT=3306 WINDOW=43690 RES=0x00 SYN URGP=0 

More info