My ISP provides a firewall. So, do I really need another one?
It seems my children love to download viruses. So, if their laptop gets hacked and a virus is installed, then the virus could scan my network and find other vulnerable servers. Or the hacker could get in my network.
A server firewall provides an extra level of security. A firewall can also be created directly with iptables or with netfilter, but ufw seems easier.
Step 1. Open Terminal and Login
Step 2. Always Update and Upgrade
Step 3. Install Uncomplicated Firewall (ufw)
Install ufw by running the following command:
$ sudo apt install ufw -y
Step 4. Enable and Configure the Firewall
Get a script to enable and configure the firewall rules:
$ wget https://raw.githubusercontent.com/dumbo25/unsed_rpi/main/ufw_setup.sh
$ sudo /bin/bash ufw_setup.sh
Do not do this, but this is how to disable the firewall:
$ sudo ufw disable
Step 5. Check the Firewall Status
Check the status of the firewall using the commands:
$ sudo ufw status verbose
$ sudo ufw status numbered
Troubleshooting:
ssh doesn't work after enabling ufw:
Sometimes, I lose the ability to ssh after executing Step 4. I've tried several ideas. This is the most promising:
Jaromanda X proposed this solution. However, I could not get it to work. The shell script doesn't have any effect.
The only solution is to connect a terminal, keyboard and mouse.
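To reduce the chance of the ssh lockout described above, an allow rule for ssh should exist before ufw is enabled, because ufw denies incoming connections by default. The following is an added example, not the contents of ufw_setup.sh and not code from the original page; SSH_PORT, LAN_CIDR and the function names are assumptions. It prints the commands by default and only runs them when APPLY=1 is set.

```shell
#!/bin/sh
# Added example, not the page's ufw_setup.sh: build a minimal ufw rule set in an
# order that keeps ssh reachable. SSH_PORT and LAN_CIDR are assumed values.
SSH_PORT="${SSH_PORT:-22}"
LAN_CIDR="${LAN_CIDR:-192.168.1.0/24}"   # constructed sample subnet

# Print the ufw commands, one per line, in the order they must run.
build_rules() {
    port="$1"; cidr="$2"
    case "$port" in ''|*[!0-9]*) return 1 ;; esac          # digits only
    [ "${#port}" -le 5 ] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    printf '%s\n' "$cidr" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' || return 1
    cat <<EOF
ufw default deny incoming
ufw default allow outgoing
ufw allow from $cidr to any port $port proto tcp
ufw --force enable
ufw status verbose
EOF
}

# Succeed only if an allow/limit rule for the ssh port precedes "ufw enable".
ssh_allowed_before_enable() {
    chk_port="$1"; chk_rules="$2"
    re="^ufw (allow|limit) (.* port $chk_port( |\$)|$chk_port(/tcp)?\$)"
    allow_line=$(printf '%s\n' "$chk_rules" | grep -nE "$re" | head -n 1 | cut -d: -f1)
    enable_line=$(printf '%s\n' "$chk_rules" | grep -nE '^ufw (--force )?enable$' | head -n 1 | cut -d: -f1)
    [ -n "$allow_line" ] && [ -n "$enable_line" ] && [ "$allow_line" -lt "$enable_line" ]
}

# Dry run by default; set APPLY=1 to execute each command with sudo.
apply_rules() {
    printf '%s\n' "$1" | while IFS= read -r line; do
        if [ "${APPLY:-0}" = "1" ]; then
            sudo $line </dev/null    # word splitting of $line is intentional
        else
            echo "would run: sudo $line"
        fi
    done
}

setup_firewall() {
    rules=$(build_rules "$SSH_PORT" "$LAN_CIDR") || { echo "bad SSH_PORT or LAN_CIDR" >&2; return 1; }
    ssh_allowed_before_enable "$SSH_PORT" "$rules" || { echo "ssh rule missing or too late" >&2; return 1; }
    apply_rules "$rules"
}
setup_firewall
```

Run it once without APPLY to read the planned commands, then again with APPLY=1 from a session you can afford to lose.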
Couldn't determine iptables version:
If this error occurs (because Buster uses iptables-nft):
Couldn't determine iptables version
then run these commands to switch to legacy iptables:
$ sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
$ sudo reboot
Appendix:
Other ufw commands:
$ sudo ufw status numbered
$ sudo ufw delete 3
$ sudo ufw deny 80/tcp
References:
Netfilter Firewall by ScienceDirect snippet from a book