Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.
To enable ufw you just need to run one dead simple command: sudo ufw enable
Conversely, you can turn it off later for any specific purpose or forever by sudo ufw disable
Once you’ve turned ufw on you will want to run a command like sudo ufw default deny
as given above so that you set the general fallback position that ufw will apply should any of the rules not cater for specific traffic. You needn’t make it block all incoming traffic by default; if you have a legitimate need to do so you can make ufw default to being mostly open by the similar command sudo ufw default allow
This makes the default action to permit traffic unless a rule specifically denies it. However, you would want to be certain this is what you require and is best for your situation. Certainly, any Internet-facing servers would be best aided by having traffic blocked except anything you definitely wish to permit.
You might be keen to see what ufw is doing; in that case you can enable its logs by sudo ufw logging on
And, as you might guess, you can suppress logging later by sudo ufw logging off
So, ufw is pretty easy to get running and to configure, with rules added and removed at will and with great flexibility. By now you might be asking how you check what your rules are. Do you need to manually record them in a spreadsheet or text document?
The answer is no; with the simple command ufw status
you can get an easy to read dump of all the rules. This is text based making it both readable to humans and also readable and able to be parsed by other commands. You can pipe the output from this into another program for analysis or further refining – perhaps grep, for instance, so you can programmatically determine if certain ports are open or not.
This status command need not be executed through sudo because it is read-only; it doesn’t require elevated permissions to display the current rules as they are.
For those who like to know what’s going on under the hood, ufw writes its rules to a config file called /etc/ufw/maps. The status command simply reads this config file and formats its output.
If you install the Hardy Heron – otherwise known as Ubuntu 8.04 – and find you’ve omitted ufw from being installed you can very simply and quickly bring it into being with sudo apt-get install ufw
This will retrieve and install the ufw package making all the above available for use. You can check that this has worked via dpkg –get-selections | grep ufw
If the output says ufw followed by install then it is ready and available.
Keep in mind that you – ie the human operator – are not the only one who will be setting firewall rules. As good as systems like iptables are, they have had one perceived deficiency from a Linux distribution point of view, namely they are not integrated into the package management facilities. Here’s where ufw has a real strength.
David Bass
| For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.
