First what is ufw, as per man - program for managing a netfilter firewall,This program is for managing a Linux firewall and aims to provide an easy to use interface for the user. Cool! easy to use so how do you use it as the man page said easy.
1. Run from the terminal "ufw"
:~$ ufw
Usage: ufw COMMAND
Commands:
enable enables the firewall
disable disables the firewall
default ARG set default policy to ALLOW, DENY or REJECT
logging ARG set logging to OFF, ON or LEVEL
allow|deny|reject ARG add allow, deny or reject RULE
delete RULE delete the RULE
insert NUM RULE insert RULE at NUM
status show firewall status
status numbered show firewall status as numbered list of RULES
show ARG show firewall report
version display version information
Application profile commands:
app list list application profiles
app info PROFILE show information on PROFILE
app update PROFILE update PROFILE
app default ARG set profile policy to ALLOW, DENY, REJECT or
SKIP
2. Enable it
:~$ sudo ufw enable
3 . default policies of DROP
:~$ sudo ufw default denay
4.Now look in to your rules.
:~$ sudo iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ufw-before-logging-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-logging-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-reject-input all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
ufw-before-logging-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-before-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-logging-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-reject-forward all -- 0.0.0.0/0 0.0.0.0/0
...............
note: if you have two network cards and one was eth0 and the second was eth1
and you were FORWARDing traffic to an internal network, maybe using NAT and having a firewall on the outside and you need to make sure that your /proc/sys/net/ipv4/ip_forward is 1
5. Check the status
:~$ sudo ufw status
Status: active
6. Check if its working.
:~$ tail /var/log/messages
thats it!
Thanks to beginlinux for the howto.
Thursday, July 9, 2009
Friday, June 26, 2009
SWAP allocation
If M < 2
S = M *2
Else
S = M + 2
Swap should equal 2x physical RAM for up to 2 GB of physical RAM, and then an additional
1x physical RAM for any amount above 2 GB, but never less than 32 MB.
S = M *2
Else
S = M + 2
Swap should equal 2x physical RAM for up to 2 GB of physical RAM, and then an additional
1x physical RAM for any amount above 2 GB, but never less than 32 MB.
Monday, June 1, 2009
I been hook with this Series
http://watchweedsepisodes.com/ -This new series is a single-camera comedy about a single mother who makes ends meet by selling marijuana in the fictional suburb of Agrestic, California. The series exposes the dirty little secrets that lie behind the pristine lawns and shiny closed doors of homes in the of this gated community.
Thursday, May 28, 2009
Thursday, May 14, 2009
Got my hands on a Netbook
Since I have three jobs two in bicol my Internetshop, TCN and with HP here in manila. I always travel allot to bicol then back to manila so I always bring my 12" Fujitsu esprimo U9200 with me which is bit heavy despite its only 12" So I have decided to get a netbook. Since the release of the eeepc901 I was so eager to get that, good thing my wife stop me and waited till eeepc release 1000HE series. I wont write a review cause there are allot of reviews out there. I'm just saying that if you only need to check on your email read some info on the net and you travel allot get a netbook. If you need to develop some thing like a web app or other programing stuff just do a remote connection to a server and do your thing. just what I'm doing as I'm writing this. I'm setting up a dev server which I will just do a ssh and from there do some scripting and other project. I have two servers one in manila other in bicol to thinker with not the 1U super doom server its just a desktop that I clone it to be a server.Bytheway I still haven't change the OS yes its windowsXP I might keep it for a month since its a license one and still need to create a usb with ubuntu 9.04 but hey most of the apps Im using is open source.
Thursday, April 9, 2009
Friday, April 3, 2009
Congrats! Dude
Atty. Solis Carlo Roberto C.Apr. 3 2009 - http://bar.judiciary.gov.ph/bar2008.htm
#1161 SOLIS Carlo Roberto C
PS.
Now I could do some cyber crimes, lol!
#1161 SOLIS Carlo Roberto C
PS.
Now I could do some cyber crimes, lol!
Subscribe to:
Posts (Atom)
