我可以通过输入并输入来查看 ufw 状态
sudo ufw 状态
我想将其备份为文件。此信息作为文件保存在哪里?
答案1
它在文件中/etc/ufw/user.rules(/etc/ufw/user6.rules尽管你可能应该备份整个/etc/ufw/)
前任。
$ sudo ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
Samba ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
Samba (v6) ALLOW Anywhere (v6)
对应 IPv4 和 IPv6RULES部分如下
$ sudo sed '/RULES/,/END RULES/!d' /etc/ufw/user{,6}.rules
### RULES ###
### tuple ### allow tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 22 -j ACCEPT
### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
-A ufw-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
### tuple ### allow tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
-A ufw-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
### END RULES ###
### RULES ###
### tuple ### allow tcp 22 ::/0 any ::/0 in
-A ufw6-user-input -p tcp --dport 22 -j ACCEPT
### tuple ### allow udp 137,138 ::/0 any ::/0 Samba - in
-A ufw6-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
### tuple ### allow tcp 139,445 ::/0 any ::/0 Samba - in
-A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
### END RULES ###
答案2
如果您只想要自己的规则,并且希望按照在命令行中输入的方式备份它们:
n=0
echo -n "" > ufw_backup
while [ 1 ]
do
((n++))
we=$(ufw delete $n <<<"n" 2>/dev/null)
if [ $? == 0 ]
then
we=$(sed -E "/Deleting:|Proceed with operation \(y\|n\)\? Aborted/d" <<<$we)
echo "ufw$we" >>ufw_backup
else
break
fi
done
cat ufw_backup
我愿意接受变化和改进。
该脚本可能很危险。不要将“n”改为“y”,否则您将删除所有规则。