[HowTo] Uncomplicated FireWall (UFW) en RaspBerry Pi: Instalar, habilitar y configurar
Posted: martes, 2 de abril de 2019 by Termita in Etiquetas: cortafuegos, firewall, iptables, linux, RaspberryPi, Raspbian, redes, seguridad, sistemas operativos, ufw
0
Existen muchas soluciones de cortafuegos disponibles para Linux, y la mayoría usan el proyecto IpTables para proveer filtrado de paquetes. Ese proyecto es la base del sistema de filtrado de red de Linux.
Iptables viene instalado por defecto en Raspbian, pero no está configurado.
Configurarlo puede ser una tarea complicada. Por eso existe un proyecto que provee de un entorno más simple para hacerlo. Se trata de ufw (Uncomplicated FireWall).
Es la herramienta de cortafuegos por defecto en Ubuntu y puede ser fácilmente instalada en Raspbian u otros sistemas operativos para Raspberry Pi.
sudo apt install ufw
Para activarlo:
sudo ufw enable
Para desactivarlo:
sudo ufw disable
Para ver el estado:
sudo ufw status
Más información.....
ufw is a fairly straightforward command line tool, although there are some GUIs available for it. This document will describe a few of the basic command line options. Note that ufw needs to be run with superuser privileges, so all commands are preceded with sudo. It is also possible to use the option --dry-run any ufw commands, which indicates the results of the command without actually making any changes.
To enable the firewall, which will also ensure it starts up on boot, use:
sudo ufw enable
To disable the firewall, and disable start up on boot, use:
sudo ufw disable
Allow a particular port to have access (we have used port 22 in our example):
sudo ufw allow 22
Denying access on a port is also very simple (again, we have used port 22 as an example):
sudo ufw deny 22
You can also specify which service you are allowing or denying on a port. In this example, we are denying tcp on port 22:
sudo ufw deny 22/tcp
You can specify the service even if you do not know which port it uses. This example allows the ssh service access through the firewall:
sudo ufw allow ssh
The status command lists all current settings for the firewall:
sudo ufw status
The rules can be quite complicated, allowing specific IP addresses to be blocked, specifying in which direction traffic is allowed, or limiting the number of attempts to connect, for example to help defeat a Denial of Service (DoS) attack. You can also specify the device rules are to be applied to (e.g. eth0, wlan0). Please refer to the ufw man page (man ufw) for full details, but here are some examples of more sophisticated commands.
Limit login attempts on ssh port using tcp: this denies connection if an IP address has attempted to connect six or more times in the last 30 seconds:
sudo ufw limit ssh/tcp
Deny access to port 30 from IP address 192.168.2.1
sudo ufw deny from 192.168.2.1 port 30
---------------------------------------------
fuentes: