UFW is active but not enabled, why?

I am trying to set up a firewall on my Ubuntu 12.04 machine. After some effort, I got the following result. Doesn't this look a bit strange?

thomas@thomas-K40IJ:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

To                         Action      From
--                         ------      ----
21/tcp                     ALLOW OUT   Anywhere
80                         ALLOW OUT   Anywhere
22                         ALLOW OUT   Anywhere
21/tcp                     ALLOW OUT   Anywhere (v6)
80                         ALLOW OUT   Anywhere (v6)
22                         ALLOW OUT   Anywhere (v6)

thomas@thomas-K40IJ:~$ sudo ufw reload
Firewall not enabled (skipping reload)
thomas@thomas-K40IJ:~$ sudo ufw enable 
ERROR: Could not load logging rules
thomas@thomas-K40IJ:~$

Also, my firewall seems to be disabled after a reboot. What am I missing?

Answer 1

mateusz@debian:~$ sudo ufw disable
Firewall stopped and disabled on system startup

mateusz@debian:~$ sudo ufw status verbose
Status: inactive

mateusz@debian:~$ sudo ufw enable
ERROR: problem running ufw-init

Even if the error occurs, you can check whether ufw is running.

mateusz@debian:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW IN    Anywhere
22/tcp                     ALLOW IN    Anywhere

Or

mateusz@debian:~$ sudo service ufw status
[ ok all is running...done.

You can easily set ENABLED=yes manually in the ufw config

sudo nano /etc/ufw/ufw.conf

which contains:

# /etc/ufw/ufw.conf
#

# Set to yes to start on boot. If setting this remotely, be sure to add a rule
# to allow your remote connection before starting ufw. Eg: 'ufw allow 22/tcp'
ENABLED=no

# Please use the 'ufw' command to set the loglevel. Eg: 'ufw logging medium'.
# See 'man ufw' for details.
LOGLEVEL=low

Answer 2

Setting ENABLED=yes in /etc/ufw/ufw.conf did it for me.

$ sudo ufw reload
Firewall not enabled (skipping reload)
$ sudo ufw logging on (showing that @Thomas' solution has no effect for me)
Logging enabled
$ sudo sed -i -e 's/ENABLED=no/ENABLED=yes/' /etc/ufw/ufw.conf

Before reloading, check that port 22 is enabled

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  

Reload

$ sudo ufw reload
Firewall reloaded
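
Added example (not part of the answers above): an offline pre-flight check for the steps in Answer 2, reading a ufw.conf-style file and saved `ufw status` text to report the boot-time setting and whether inbound port 22 is allowed. The function names and the sample inputs are assumptions constructed from the outputs shown on this page; the rule match follows the row layout shown here and treats `ALLOW OUT` rules as not admitting incoming SSH.

```shell
#!/bin/sh
# Added example: pre-flight check before enabling or reloading ufw remotely.
# Function names are hypothetical; sample inputs are constructed.

# Print the boot-time setting (yes/no) from a ufw.conf-style file.
# Comment lines start with '#', so only the real assignment matches.
conf_enabled() {
    sed -n 's/^ENABLED=\([a-z]*\).*/\1/p' "$1" | tail -n 1
}

# Read `ufw status` text on stdin; succeed only if inbound port 22 is allowed.
# Accepts "ALLOW" and "ALLOW IN" rows; "ALLOW OUT" rows are ignored.
ssh_allowed_in() {
    awk '($1 == "22" || $1 == "22/tcp") && $2 == "ALLOW" && $3 != "OUT" { ok = 1 }
         END { exit !ok }'
}

# Combine both checks into one verdict line.
# $1 = conf file, $2 = file holding saved `ufw status` output
preflight() {
    boot=$(conf_enabled "$1")
    if ssh_allowed_in < "$2"; then ssh=yes; else ssh=no; fi
    echo "boot=${boot:-unset} ssh_in=$ssh"
}

# Demo on constructed samples modelled on the outputs on this page.
tmp=$(mktemp -d)
printf 'ENABLED=no\nLOGLEVEL=low\n' > "$tmp/ufw.conf"
printf '22 ALLOW OUT Anywhere\n' > "$tmp/outbound_only.txt"
printf '22/tcp ALLOW Anywhere\n' > "$tmp/inbound.txt"
preflight "$tmp/ufw.conf" "$tmp/outbound_only.txt"
preflight "$tmp/ufw.conf" "$tmp/inbound.txt"
rm -rf "$tmp"
```

On a real host, pass /etc/ufw/ufw.conf and a file holding the output of `sudo ufw status`.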

Answer 3

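ufw has a graphical interface that helps you set up the firewall more easily. It should be installed by default, but if it is not, install it with sudo apt-get install gufw
Here is a guide to using it: https://help.ubuntu.com/community/Gufw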
