- 机型:树莓派3B+
- 系统:Raspberry Pi OS(32 bit)
1. 启动防火墙
$ sudo apt-get install ufw
$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
- 设置入站规则为全关闭,出站规则为全开放
- 注意:ssh的22端口要及时添加到入站规则中,否则下次ssh将连接不上
$ sudo ufw default deny
Default incoming policy changed to 'deny'
(be sure to update your rules accordingly)
$ sudo ufw allow 22/tcp
Rule added
Rule added (v6)
2. 防火墙规则
sudo ufw enable
sudo ufw disable
sudo ufw status
# 开放tcp协议80端口
sudo ufw allow 80/tcp
# 移除80端口
sudo ufw delete allow 80/tcp
# 开放RDP的3389端口
sudo ufw allow 3389
# 移除3389端口
sudo ufw delete allow 3389
# 开放10000-11000端口,需指定协议(tcp/udp)
sudo ufw allow 10000:11000/tcp
# 移除上述端口
sudo ufw delete allow 10000:11000/tcp
# 允许192.168.1.110的访问,不限端口、协议
sudo ufw allow from 192.168.1.110
# 移除上条规则
sudo ufw delete allow from 192.168.1.110