prepare for cks exam with me 5: Linux UFW (Uncomplicated firewall)

1. Purpose

In this post, I continue the series on preparing for the CKS (Certified Kubernetes Security Specialist) exam. These are my own study notes, and you can use the articles as a reference for your own preparation.

List of the series of posts:

-prepare for cks exam with me 1: Linux user and group management

-prepare for cks exam with me 2: Linux ssh hardening

-prepare for cks exam with me 3: Linux remove obsolete packages and services

-prepare for cks exam with me 4: Linux kernel hardening

-prepare for cks exam with me 5: Linux UFW (Uncomplicated firewall)

-prepare for cks exam with me 6: Seccomp in Linux, Docker and Kubernetes

-prepare for cks exam with me 7: Apparmor in Linux, Docker and Kubernetes

-prepare for cks exam with me 8: Security context in Kubernetes

-prepare for cks exam with me 9: Admission controllers in Kubernetes

-prepare for cks exam with me 10: Pod security policy in Kubernetes

-prepare for cks exam with me 11: Open policy agent in Kubernetes

-prepare for cks exam with me 12: Secrets in Kubernetes

-prepare for cks exam with me 13: Container runtimes(gvisor/kata containers) in Kubernetes

-prepare for cks exam with me 14: Container Image security in Docker and Kubernetes

-prepare for cks exam with me 15: How to print docker images of all pods in kubernetes

2. Environment

  • CKS
  • Ubuntu System

3. Linux UFW (Uncomplicated firewall)

3.1 What is UFW?

UFW stands for Uncomplicated Firewall.

Uncomplicated Firewall is a front end for managing a netfilter firewall that is designed to be easy to use. It offers a command-line interface with a small number of simple commands and translates them into iptables rules (on current Ubuntu releases these are backed by nftables through iptables-nft). UFW has shipped with every Ubuntu installation since 8.04 LTS, but it is inactive until you run ufw enable, so a fresh system enforces no rules.

3.2 UFW commonly used commands

#Installation (UFW is preinstalled on Ubuntu, so this is usually a no-op)
apt install ufw -y

#Enable (rules are enforced immediately and persist across reboots from this point on)
ufw enable

#Disable
ufw disable

#Status query ("Status: inactive" means no rules are being enforced)
ufw status

#Reset: disables the firewall and deletes all rules
ufw reset

#Allow all outgoing connections
ufw default allow outgoing

#Block all incoming connections by default (explicit allow rules are then needed per service)
ufw default deny incoming

#Block all traffic from a specific IP (a blacklist entry)
#Rules are matched in order, so a deny placed after a broader allow for the same port never fires;
#use "ufw insert 1 ..." instead of "ufw deny" when the deny must take precedence
ufw deny from 192.168.29.36

#Deny a specific port
ufw deny 80/tcp

#Allow ssh, http/https (service names are resolved through /etc/services)
#On a remote machine, always allow ssh BEFORE "ufw enable" with a default deny incoming policy,
#or you lock yourself out
ufw allow ssh
ufw allow http
ufw allow https

#Allow a specific TCP/UDP port
ufw allow 80/tcp
ufw allow 53/udp

#Allow a port range
ufw allow 9000:9002/tcp

#Restrict by source address range: the following rule allows clients in 192.168.0.0/24 to reach tcp/22 on this machine
ufw allow from 192.168.0.0/24 to any port 22 proto tcp

#View existing UFW rules
ufw status verbose
ufw status numbered #lists the rules with sequence numbers, which can be used to delete them

#Delete rules: prefix the original rule with "delete", or use the sequence number
ufw delete allow http
ufw delete 2 #2 is the sequence number shown by ufw status numbered

#UFW changes take effect immediately and survive a reboot once the firewall is enabled, so a restart is
#not required; rebooting only confirms that the firewall comes back up (run ufw status afterwards)
shutdown -r now
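The commands above are typed one at a time. On a Kubernetes node the practical questions are which ports to open for which node role and in what order to issue the rules. The script below is an added example, not code from the original post: it emits (and optionally applies) a UFW ruleset for a control-plane or worker node, allowing SSH from an admin network first so that enabling the firewall with a default deny incoming policy cannot lock you out. The port numbers are the ones documented on the Kubernetes "Ports and Protocols" page; the function names, the role names and the admin CIDR used in the usage note are assumptions made for this example.

```shell
#!/bin/sh
# Added example: generate a UFW ruleset for a Kubernetes node, SSH rule first.
# Assumptions: two roles (control-plane, worker) and an admin CIDR passed by the caller.
set -eu

# Print the ufw commands for ROLE, in the order they must be applied.
# $1 = control-plane | worker, $2 = CIDR allowed to reach sshd (default: any)
k8s_ufw_rules() {
  role="$1"
  ssh_cidr="${2:-any}"
  case "$role" in
    control-plane|worker) ;;
    *) echo "unknown role: $role (expected control-plane or worker)" >&2; return 1 ;;
  esac

  # 1. SSH first: with "default deny incoming" this is what keeps the session alive
  echo "ufw allow from ${ssh_cidr} to any port 22 proto tcp"
  # 2. Default policies
  echo "ufw default deny incoming"
  echo "ufw default allow outgoing"
  # 3. Ports common to both roles
  echo "ufw allow 10250/tcp"          # kubelet API
  # 4. Role-specific ports
  case "$role" in
    control-plane)
      echo "ufw allow 6443/tcp"       # kube-apiserver
      echo "ufw allow 2379:2380/tcp"  # etcd client and peer
      echo "ufw allow 10257/tcp"      # kube-controller-manager
      echo "ufw allow 10259/tcp"      # kube-scheduler
      ;;
    worker)
      echo "ufw allow 10256/tcp"        # kube-proxy health check
      echo "ufw allow 30000:32767/tcp"  # NodePort services
      ;;
  esac
  # 5. Enable last; --force skips the interactive confirmation prompt
  echo "ufw --force enable"
}

# Apply the generated rules on this machine (requires root and the ufw binary).
apply_rules() {
  command -v ufw >/dev/null 2>&1 || { echo "ufw is not installed" >&2; return 1; }
  [ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; return 1; }
  k8s_ufw_rules "$@" | while read -r cmd; do
    echo "+ $cmd"
    $cmd
  done
}

# Usage: k8s-ufw.sh <control-plane|worker> <admin-cidr> [--apply]
# Without --apply the script only prints the rules (a dry run).
if [ "$#" -ge 2 ]; then
  if [ "${3:-}" = "--apply" ]; then
    apply_rules "$1" "$2"
  else
    k8s_ufw_rules "$1" "$2"
  fi
fi
```

Run it as `sh k8s-ufw.sh worker 10.0.0.0/24` to review the rules, then add `--apply` to execute them. The deny-by-default policy is set before any service port is opened, yet nothing is enforced until the final `ufw enable`, so the SSH rule is already in place when the firewall comes up.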

4. Summary

In this post, I wrote down the UFW commands I use for basic Linux network hardening: default-deny inbound, explicit allow rules for the services a node needs, and the order to apply them in so that the SSH session survives enabling the firewall.