Difference between revisions of "Setup basic firewall"
From Salix OS
(Setup) |
|||
Line 7: | Line 7: | ||
Alternatively, you can sudo slapt-get -i ufw | Alternatively, you can sudo slapt-get -i ufw | ||
− | then sudo ufw enable | + | :then sudo ufw enable |
− | + | ||
− | + | ||
− | This method will deny all incoming allow outgoing but also deny ssh connections to further protect your system. | + | :sudo ufw default deny |
+ | |||
+ | :sudo ufw deny ssh | ||
+ | |||
+ | This method will deny all incoming connections and allow outgoing but also deny ssh connections to further protect your system. | ||
+ | |||
+ | Note: if you require ssh connections then of course do not block it, if you are not sure what ssh (Secure Shell) is, then block it as it will make the system more secure. | ||
For both methods make sure you copy and paste the following to: sudo /etc/rc.d/rc.local, this will allow the firewall to start with each boot. | For both methods make sure you copy and paste the following to: sudo /etc/rc.d/rc.local, this will allow the firewall to start with each boot. | ||
− | if [ -x /lib/ufw/ufw-init ]; then | + | :if [ -x /lib/ufw/ufw-init ]; then |
− | /lib/ufw/ufw-init start | + | |
− | fi | + | :/lib/ufw/ufw-init start |
+ | |||
+ | :fi |
Revision as of 02:32, 15 May 2016
You can setup a secure basic firewall using the "Uncomplicated Firewall or UFW".
sudo slapt-get -i gufw
then sudo gufw, click status to "on". This will setup a deny all incoming and allow all outgoing firewall.
Alternatively, you can sudo slapt-get -i ufw
- then sudo ufw enable
- sudo ufw default deny
- sudo ufw deny ssh
This method will deny all incoming connections and allow outgoing but also deny ssh connections to further protect your system.
Note: if you require ssh connections then of course do not block it, if you are not sure what ssh (Secure Shell) is, then block it as it will make the system more secure.
For both methods make sure you copy and paste the following to: sudo /etc/rc.d/rc.local, this will allow the firewall to start with each boot.
- if [ -x /lib/ufw/ufw-init ]; then
- /lib/ufw/ufw-init start
- fi