However there are better alternatives namely firewalld.
Firewalld is a front to Iptables and has a lot of functionality such as services,ports,zones,port-forwarding etc.
To install it run
Code: Select all
systemctl disable ufw OR ###for sysvinit
update-rc.d ufw disable
apt update && apt install firewalld firewall-config
You will be able to open services and ports on your firewall (and many many other things)
Either manually by using
firewall-cmd
OR via the GUI which is named "Firewall" in xfce search.
Some examples:
Code: Select all
firewall-cmd --add-service="ssh" --permanent ####ADD THE SSH SERVICE
firewall-cmd --add-port=22/tcp --permanent ###ADD THE SSH SERVICE BY SPECIFYING ITS PORT NUMBER
firewall-cmd --reload #####ALWAYS RUN THIS AFTER ADDING SERVICES OR PORTS TO THE FIREWALL TO MAKE THEM PERSISTENT
firewall-cmd --get -services ####TO GET ALL THE AVAILABLE SERVICES
firewall-cmd --get-default ####TO GET THE DEFAULT OPERATIONAL ZONE
firewall-cmd set-default <desired-zone> --permanent ###TO SET THE DEFAULT ZONE
BUT you can also use the GUI which is much easier.
CAVEAT:After installing a new daemon or service remember to ALWAYS open its port n firewalld OR it may NOT FUNCTION properly
Have fun with firewalld
...and burn all the "freaking" intruders off.
IF you find opening ports and allowing services too much of a headache for you then disable firewalld and RE-ENABLE ufw.
