Ungayisetha kanjani i-firewall ku-Ubuntu

Njengawo wonke ama-Linux distros, Ubuntu usevele uza ne-firewall (firewall) efakiwe. Lesi firewall, empeleni, sifakwa ku-kernel. Ku-Ubuntu, isikhombimsebenzisi somugqa womyalo we-firewall sathathelwa indawo yisikripthi esisebenziseka kalula. Kodwa-ke, i-ufw (i-FireWall engaqondakali) nayo inesibonisi sokuqhafaza okulula ukusisebenzisa. Kulokhu okuthunyelwe, sizokwethula umhlahlandlela wesinyathelo ngesinyathelo sendlela yokusebenzisa i-gufw, isikhombimsebenzisi sokuqhafaza se-ufw, ukulungisa i-firewall yethu.

Ngaphambi kokufaka i-gufw, akuwona umqondo omubi ukubheka isimo se-ufw. Ukwenza lokhu, ngavula ukuphela futhi ngabhala:

sudo ufw isimo

Umphumela kufanele usho okuthile okufana nalokhu: "Isimo: akusebenzi". Leso yisimo esizenzakalelayo se-firewall ku-Ubuntu: ifakiwe kepha ikhutshaziwe.

Ukufaka i-gufw, ngavula i-Ubuntu Software Center ngayisesha ukusuka lapho.

Ungayifaka futhi kusuka ku-terminal ngokuthayipha:

sudo apt-get ukufaka gufw

Ukusetha i-gufw

Uma usufakiwe, ungayifinyelela kusuka ku-System> Administration> izilungiselelo ze-Firewall.

Njengoba ukwazi ukubona kusikrini-skrini, i-ufw isebenza ngokuzenzakalela yamukela konke ukuxhumana okuphumayo futhi yenqaba konke ukuxhumana okungenayo (ngaphandle kwalezo ezihlobene neziphumayo). Lokhu kusho ukuthi noma yiluphi uhlelo lokusebenza olisebenzisayo luzokwazi ukuxhuma ngaphandle (kungaba yi-Intanethi noma ingxenye ye-Intranet yakho) ngaphandle kwezinkinga, kepha uma umuntu ovela komunye umshini efuna ukufinyelela kowakho, ngeke bakwazi.

Zonke izinqubomgomo zokuxhuma zigcinwa kufayela  / njll / okuzenzakalelayo / ufw. Ngokumangazayo, i-ufw ivimba i-IPv6 traffic ngokuzenzakalela. Ukuze uyinike amandla, hlela ifayela / njll / okuzenzakalelayo / ufw futhi ushintshe IPV6 = cha por IPV6 = yebo.

Idala imithetho yangokwezifiso

Chofoza inkinobho yokwengeza efasiteleni elikhulu le-gufw. Kunamathebhu amathathu okwenza imithetho yangokwezifiso: Okulungiselelwe ngaphambilini, okulula, nokuthuthukile.

Kusuka ku-Preconfigured ungakha uchungechunge lwemithetho ngenombolo ethile yezinsizakalo nezinhlelo zokusebenza. Izinsizakalo ezitholakalayo yilezi: FTP, HTTP, IMAP, NFS, POP3, Samba, SMTP, ssh, VNC neZeroconf. Izicelo ezikhona yilezi: I-Amule, uZamcolo, i-KTorrent, iNicotine, i-qBittorrent, neTransmission.

Kusuka ku-Simple, ungakha imithetho yetheku elizenzakalelayo. Lokhu kukuvumela ukuthi wakhe imithetho yezinsizakalo nezinhlelo zokusebenza ezingatholakali ku-Preconfigured. Ukulungisa uhla lwamachweba, ungawasetha usebenzisa i-syntax elandelayo: PORT1: PORT2.

Kusuka Kuthuthukile, ungakha imithetho ecacisiwe usebenzisa amakheli we-IP womthombo nendawo oya kuyo namachweba. Kunezinketho ezine ezitholakalayo zokuchaza umthetho: vumela, uphike, uphike, futhi ubeke umkhawulo. Umphumela wokuvumela nokuphika uyazichaza. Ukwenqaba kuzobuyisela umyalezo othi “ICMP: ukuphela okungafinyeleleki” kulowo ocelayo. Umkhawulo ukuvumela ukuthi ukhawule inani lemizamo yokuxhumeka engaphumelelanga. Lokhu kukuvikela ekuhlaselweni ngamandla.

Uma umthetho ungeziwe, uzovela ewindini elikhulu le-gufw.
Lapho umthetho usudaliwe, uzokhonjiswa ewindini elikhulu leGufw. Ungahlola futhi umthetho kusuka kusiginali yeshell ngokuthayipha isimo Sudo ufw.