37 lines
1.2 KiB
Plaintext
37 lines
1.2 KiB
Plaintext
Ufw (Uncomplicated Firewall) is program for managing a netfilter
|
|
firewall. It provides a command line interface and aims to be
|
|
uncomplicated and easy to use.
|
|
|
|
Slackware's 'rc.init2' script has an entry for a 'rc.firewall' script
|
|
which is not a default included file in the distribution which we can
|
|
hook into to start UFW as early as we can in the boot process by
|
|
creating a symlink like so:
|
|
|
|
ln -s /etc/rc.d/rc.ufw /etc/rc.d/rc.firewall
|
|
|
|
Then ensure you've set the 'rc.ufw' script exec permissions with:
|
|
|
|
chmod 755 /etc/rc.d/rc.ufw
|
|
|
|
to start UFW at system startup.
|
|
|
|
Ufw comes with a number of common application profiles. Create
|
|
additional application profiles under /etc/ufw/applications.d.
|
|
Each profile should contain a list of rules which include a title,
|
|
description, and port(s) or port range.
|
|
|
|
A custom application profile should look similar to this:
|
|
|
|
[Application]
|
|
title=Application title
|
|
description=A description for the application.
|
|
ports=137,138/udp|139,445/tcp
|
|
|
|
Where xx.xx.xx.xx is the IP address of an external host, enable this
|
|
application profile by executing the following as root:
|
|
|
|
# ufw allow from xx.xx.xx.xx app Application
|
|
|
|
For a nice GUI program to control UFW with, check out 'gui-ufw' as
|
|
well on SBo.
|