ufw

Prior to working with ufw in the previous section, we had to add this allow rule to let SSH traffic in, once the firewall was enabled:

vagrant@ubuntu1:~$ sudo ufw allow ssh/tcp
Rule added
Rule added (v6)

The default ufw profile has incoming connections denied, as we can see in the following code:

vagrant@ubuntu1:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

Because of this, if we wanted to access a web server hosted on our Ubuntu box, we'd need a new rule.

Previously, we used the service name (ssh), so this time we're going to specifically allow a port (80, the default HTTP port) from our VirtualBox network:

vagrant@ubuntu1:~$ sudo ufw allow from 10.0.2.0/24 to any port 80 proto tcp
Rule added

We can see this rule in action by using the status option:

vagrant@ubuntu1:~$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                             
80/tcp                     ALLOW       10.0.2.0/24               
22/tcp (v6)                ALLOW       Anywhere (v6)

Deleting with ufw is simplejust prefix your original rule (be it allow or deny) with the word delete:

vagrant@ubuntu1:~$ sudo ufw delete allow from 10.0.2.0/24 to any port 80 proto tcp
Rule deleted
上一章目录下一章