sudo ufw status verbose<\/strong><\/p>\nausgeben:<\/p>\n
\r\n\r\nsudo ufw status verbose\r\nStatus: active\r\nLogging: on (low)\r\nDefault: deny (incoming), allow (outgoing), disabled (routed)\r\nNew profiles: skip\r\n\r\nTo Action From\r\n-- ------ ----\r\n22\/tcp ALLOW IN Anywhere\r\n548 ALLOW IN Anywhere\r\n427 ALLOW IN Anywhere<\/pre>\nL\u00f6schen k\u00f6nnen wir Regeln wenn wir die nummererierte Liste ausgeben mit:<\/p>\n
sudo ufw status numbered<\/strong><\/p>\nErgebnis: <\/p>\n
sudo ufw status numbered\r\nStatus: active\r\n\r\n To Action From\r\n -- ------ ----\r\n[ 1] 22\/tcp ALLOW IN Anywhere\r\n[ 2] 548 ALLOW IN Anywhere\r\n[ 3] 427 ALLOW IN Anywhere<\/pre>\nNun k\u00f6nnten wir z.B. die 2. Zeile mit dem Port 548 \u00fcber die Nr. 2 l\u00f6schen:
\n
\nsudo ufw delete 2 <\/strong><\/p>\nOder wenn wir ihn nicht mehr brauchen, einfach den ganzen UWF wieder ausschalten mit:
\n
\nsudo ufw disable<\/strong><\/p>\nHier noch die Parameter:<\/p>\n
ufw -help\r\n\r\nUsage: ufw COMMAND\r\n\r\nCommands:\r\n enable enables the firewall\r\n disable disables the firewall\r\n default ARG set default policy\r\n logging LEVEL set logging to LEVEL\r\n allow ARGS add allow rule\r\n deny ARGS add deny rule\r\n reject ARGS add reject rule\r\n limit ARGS add limit rule\r\n delete RULE|NUM delete RULE\r\n insert NUM RULE insert RULE at NUM\r\n route RULE add route RULE\r\n route delete RULE|NUM delete route RULE\r\n route insert NUM RULE insert route RULE at NUM\r\n reload reload firewall\r\n reset reset firewall\r\n status show firewall status\r\n status numbered show firewall status as numbered list of RULES\r\n status verbose show verbose firewall status\r\n show ARG show firewall report\r\n version display version information\r\n\r\nApplication profile commands:\r\n app list list application profiles\r\n app info PROFILE show information on PROFILE\r\n app update PROFILE update PROFILE\r\n app default ARG set default application policy<\/pre>\nEine Liste aller vorkonfigurierte Apps bzw. Protoklolle gibt es mit<\/p>\n
sudo ufw app list<\/strong><\/p>\n\r\nsudo ufw app list\r\nAvailable applications:\r\n AIM\r\n Bonjour\r\n CIFS\r\n DNS\r\n Deluge\r\n IMAP\r\n IMAPS\r\n IPP\r\n KTorrent\r\n Kerberos Admin\r\n Kerberos Full\r\n Kerberos KDC\r\n Kerberos Password\r\n LDAP\r\n LDAPS\r\n LPD\r\n MSN\r\n MSN SSL\r\n Mail submission\r\n NFS\r\n OpenSSH\r\n POP3\r\n POP3S\r\n PeopleNearby\r\n SMTP\r\n SSH\r\n Socks\r\n Telnet\r\n Transmission\r\n Transparent Proxy\r\n VNC\r\n WWW\r\n WWW Cache\r\n WWW Full\r\n WWW Secure\r\n XMPP\r\n Yahoo\r\n qBittorrent\r\n svnserve<\/pre>\nDie Apps sind Casesensitive!
\nWeitere Infos zu einer App gibt es z.B. f\u00fcr SSH<\/p>\n
sudo ufw app info SSH<\/strong><\/p>\nProfile: SSH
\nTitle: SSH server
\nDescription: SSH server<\/p>\n
Port:
\n 22\/tcp<\/p>\n
Mit <\/p>\n
systemctl status ufw<\/strong><\/p>\nk\u00f6nnen wir uns noch den Status ausgeben lassen:<\/p>\n
\u25cf ufw.service – Uncomplicated firewall
\n Loaded: loaded (\/lib\/systemd\/system\/ufw.service; enabled; vendor preset: enab
\n Active: active (exited) since Sat 2021-04-17 19:03:16 BST; 6min ago
\n Docs: man:ufw(8)
\n Process: 73 ExecStart=\/lib\/ufw\/ufw-init start quiet (code=exited, status=0\/SUC
\n Main PID: 73 (code=exited, status=0\/SUCCESS)<\/p>\n
Apr 17 19:03:16 pi-home systemd[1]: Started Uncomplicated firewall.
\nWarning: Journal has been rotated since unit was started. Log output is incomple<\/p>\n","protected":false},"excerpt":{"rendered":"
Eine Firewall ist auf dem Raspberry Pi schnell mit dem UFW eingerichtet und kann die Sicherheit verbessern. Die Firewall UFW muss nur installiert werden mit: sudo apt-get update sudo apt-get upgrade sudo apt-get install ufw Nun schalten wir zuerst den ipv6 auf no in der Datei \/etc\/default\/ufw, da er bei mir nicht verwendet wird.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_import_markdown_pro_load_document_selector":0,"_import_markdown_pro_submit_text_textarea":"","footnotes":""},"categories":[220,808,1023,1319,7],"tags":[270,4848,1457,948,4845,1454,1452,4847,176,4851,4849,740,4853,4852,4854,4846,4850],"class_list":["post-16719","post","type-post","status-publish","format-standard","hentry","category-anleitung","category-linux-2","category-raspberry-pi","category-sicherheit-2","category-tools","tag-apple","tag-apple-finder","tag-bonjour","tag-finder","tag-firewall","tag-freigaben","tag-netatalk","tag-ports-freischalten","tag-sicherheit","tag-sicherheitfeature","tag-sperren","tag-ssh","tag-uncomplicated","tag-uncomplicated-firewall","tag-unkomplizierter-firewall","tag-uwf","tag-verbieten"],"_links":{"self":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/posts\/16719","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16719"}],"version-history":[{"count":0,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/posts\/16719\/revisions"}],"wp:attachment":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16719"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16719"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16719"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"\"](\"http:\/\/blog.wenzlaff.de\/wp-content\/uploads\/2021\/04\/UFW-scaled.jpg\")
<\/a><\/p>\n