A firewall is a system which can allows network traffic that is considered safe to get through and prevent network traffic that is considered unsafe (wikipedia). Firewall crucial one side on the other hand can sometimes be important. For computer users who have never dealt with a network of local or public network, the firewall becomes less important. Another thing if your computer is connected to a network, especially as waiter (server). Thus, the firewall becomes a very important thing.
In GNU / Linux we are familiar with a tool called iptables, which is a kind iptables firewall list of IP and Port anywhere that can be out on the computer. Unfortunately, iptables is fairly complicated arrangement especially for beginners, because if any later even that should not be blocked even blocked. The author's experience had once tried to block all ports except port SSH on my VPS, but that happened I actually block all ports without exception, fortunately my VPS console that provides access from the Client Panel thus I could rearrange iptablessaya. But not anymore for now, since the UFW all problems regarding firewall in GNU / Linux is becoming easier.
UFW
UFW is short for Uncomplicated Firewall is a front-end application of iptables lightweight, powerful and very easy to use to set up a firewall. The UFW I highly recommend for those who are beginners in setting iptables. After all front-enddari iptables so in other words when you set up a firewall with the same UFW set in iptables firewall.How to Install UFW
Here's how to install the UFW in some distributions that are commonly used.Arclinux
# sudo pacman -S ufwDebian/Ubuntu
# sudo apt-get install ufwCentos, Fedora, RHEL
Especially for these distributions need to manually install:
wget https://launchpad.net/ufw/0.35/0.35/+download/ufw-0.35.tar.gzConfiguration UFW
cd ufw*
$ sudo su
# python ./setup.py install
sudo chmod 751 /etc/default/ufw /lib/ufw/ufw-init /etc/ufw/ufw.conf /sbin/ufw /etc/ufw/applications.d/ufw-mailserver /etc/ufw/applications.d/ufw-chat /etc/ufw/applications.d/ufw-loginserver /etc/ufw/applications.d/ufw-proxyserver /etc/ufw/applications.d/ufw-fileserver /etc/ufw/applications.d/ufw-directoryserver /etc/ufw/applications.d/ufw-printserver /etc/ufw/applications.d/ufw-webserver /etc/ufw/applications.d/ufw-dnsserver /etc/ufw/applications.d/ufw-bittorent
First block all ports entrant, unblock all out:
sudo ufw default deny incomingThen open some common ports such as port SSH, Web, and FTP for example:
sudo ufw default allow outgoing
sudo ufw allow sshBy default (default) UFW has signed up some important applications such as ssh, www, ftp, https, ldap, pop3, vnc and others. You can check for yourself what applications are listed UFW with the following command:
sudo ufw allow www
sudo ufw allow ftp
sudo ufw app list | lessYou also can view information about the application example
sudo ufw app information WWW
ufw-infoThen to activate his UFW directly follow the instructions below:
sudo ufw enablThen check whether the UFW is active or not:
sudo ufw statusThe next step of your stay just give it access to IP or port you want to block or allow, for example:
sudo ufw allow 2223
sudo ufw deny 2202
sudo ufw allow from 10.0.0.0/8