UFW: Difference between revisions
m added Category:Firewall using HotCat |
m Text replacement - "<(\/?)source" to "<$1syntaxhighlight" |
| Line 9: | Line 9: | ||
== Recipes == | == Recipes == | ||
Take the output from querying the rules on a server named <code>it</code> and apply to whatever other host you need | Take the output from querying the rules on a server named <code>it</code> and apply to whatever other host you need | ||
< | <syntaxhighlight lang="bash"> | ||
ssh it sudo cat /etc/firestarter/inbound/allow-from | /usr/bin/awk '{ print "sudo ufw allow from " $1 " to any app Apache # add rule for " $2 }' | /bin/sed s/,// | ssh it sudo cat /etc/firestarter/inbound/allow-from | /usr/bin/awk '{ print "sudo ufw allow from " $1 " to any app Apache # add rule for " $2 }' | /bin/sed s/,// | ||
</ | </syntaxhighlight> | ||
== Gotcha == | == Gotcha == | ||
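Review bot: The recipe line in this hunk builds `sudo ufw allow from " $1 " ...` straight from the fields of `/etc/firestarter/inbound/allow-from` with no check that `$1` is an address, so if the printed output is piped into a shell on the target host, whatever is in that file runs with root privileges. Add a guard in the awk program so it only prints lines whose first field looks like an IP address or CIDR block, and review the generated commands before applying them. Separately, the sed expression is unquoted; write it as `sed 's/,//'` so the shell passes it through unchanged.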
| Line 20: | Line 20: | ||
Check against the IPs which are present in actual iptables: | Check against the IPs which are present in actual iptables: | ||
< | <syntaxhighlight lang="bash"> | ||
iptables-save | grep ACCEPT | awk '{print $4}' | grep ^[[:digit:]] | sort -un | iptables-save | grep ACCEPT | awk '{print $4}' | grep ^[[:digit:]] | sort -un | ||
</ | </syntaxhighlight> | ||
== Sample Usage == | == Sample Usage == | ||
< | <syntaxhighlight lang="bash"> | ||
# show the status | # show the status | ||
ufw status | ufw status | ||
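Review bot: The `sort -un` at the end of the iptables check line can silently drop addresses. A numeric sort reads only the leading number of each line (for example `192.168` out of `192.168.1.5`), and `-u` then keeps one line per equal key, so distinct hosts in the same range collapse into a single entry and the comparison under-reports what iptables actually accepts. Sort on all four octets instead, for example `sort -u -t. -k1,1n -k2,2n -k3,3n -k4,4n`. The pattern in `grep ^[[:digit:]]` is also unquoted and is open to shell globbing; quote it as `grep '^[[:digit:]]'`.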
| Line 43: | Line 43: | ||
ufw limit ssh/tcp | ufw limit ssh/tcp | ||
# automatically limit the number of ssh attempts from a certain host over a period of time | # automatically limit the number of ssh attempts from a certain host over a period of time | ||
</ | </syntaxhighlight> | ||
== Reference and HOWTO == | == Reference and HOWTO == | ||
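Review bot: In the closing lines of the Sample Usage block, the comment describing `ufw limit ssh/tcp` comes after the command, while `# show the status` at the top of the block comes before `ufw status`. Move the comment above the command so each comment introduces the line it documents and the block does not end on a comment that appears to describe a missing command.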