Date of event: 2018-04-30
Published: 2018-05-01
Ubuntu Server 16.04.3 LTS
Here, two ports are opened and logging is done at the low level.
Logs accumulate in /var/log/syslog.
Note that (as always on this blog) ${hoge} denotes a value that is hidden for security reasons.
$ sudo ufw status
Status: inactive
$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
$ sudo ufw status
Status: active
$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
$ sudo ufw default DENY
Default incoming policy changed to 'deny'
(be sure to update your rules accordingly)
$ sudo ufw allow ${port1}
Rule added
Rule added (v6)
$ sudo ufw status
Status: active
To Action From
-- ------ ----
${port1} ALLOW Anywhere
${port1} (v6) ALLOW Anywhere (v6)
$ sudo ufw allow ${port2}
Rule added
Rule added (v6)
$ sudo ufw status
Status: active
To Action From
-- ------ ----
${port1} ALLOW Anywhere
${port2} ALLOW Anywhere
${port1} (v6) ALLOW Anywhere (v6)
${port2} (v6) ALLOW Anywhere (v6)
$ grep -i ufw /var/log/syslog
Apr 30 16:38:35 ${server_name} kernel: [ 3209.892212] [UFW BLOCK] IN=enp0s25 OUT= MAC=${mac_address} SRC=${src_ip} DST=${dst_ip} LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=5944 DF PROTO=TCP SPT=65525 DPT=${dst_port} WINDOW=64240 RES=0x00 SYN URGP=0
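Added example (not from the original post): a shell function that summarises [UFW BLOCK] lines like the one above by source address, protocol and destination port, so repeated probes stand out. The function names, host name and sample log lines are constructed for illustration; the addresses come from the documentation ranges.

```shell
# Added example: count [UFW BLOCK] entries per source, protocol and
# destination port. Reads syslog lines on stdin, busiest first.
ufw_block_summary() {
    awk '
    /\[UFW BLOCK\]/ {
        src = ""; proto = ""; dpt = ""
        # After the tag come KEY=VALUE tokens; bare flags (DF, SYN) have no "=".
        for (i = 1; i <= NF; i++) {
            eq = index($i, "=")
            if (eq == 0) continue
            key = substr($i, 1, eq - 1)
            val = substr($i, eq + 1)
            if (key == "SRC") src = val
            else if (key == "PROTO") proto = val
            else if (key == "DPT") dpt = val
        }
        if (src == "" || proto == "") next   # truncated line: skip
        if (dpt == "") dpt = "-"             # e.g. ICMP has no port
        count[src " " proto " " dpt]++
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample input (documentation-range addresses, hypothetical host).
sample_log() {
    cat <<'EOF'
Apr 30 16:38:35 host kernel: [ 3209.892212] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:00:5e:00:53:01 SRC=192.0.2.10 DST=198.51.100.5 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=5944 DF PROTO=TCP SPT=65525 DPT=23 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 30 16:38:38 host kernel: [ 3212.901100] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:00:5e:00:53:01 SRC=192.0.2.10 DST=198.51.100.5 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=5945 DF PROTO=TCP SPT=65525 DPT=23 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 30 16:40:02 host kernel: [ 3296.114530] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:00:5e:00:53:01 SRC=203.0.113.7 DST=198.51.100.5 LEN=71 TOS=0x00 PREC=0x00 TTL=52 ID=101 PROTO=UDP SPT=40000 DPT=53 LEN=51
Apr 30 16:41:10 host kernel: [ 3364.220018] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:00:5e:00:53:01 SRC=203.0.113.7 DST=198.51.100.5 LEN=84 TOS=0x00 PREC=0x00 TTL=52 ID=102 PROTO=ICMP TYPE=8 CODE=0 ID=7 SEQ=1
Apr 30 16:41:30 host sshd[912]: Server listening on 0.0.0.0 port 22.
Apr 30 16:42:00 host kernel: [ 3414.000000] [UFW BLOCK] IN=enp0s25 OUT= MAC=00:00:5e:00:53:01 SRC=
EOF
}

sample_log | ufw_block_summary
```

On the server itself, the same input the post greps can be piped in: `grep -i ufw /var/log/syslog | ufw_block_summary`.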