机型:树莓派3B+系统:Raspberry Pi OS(32 bit) 1. 启动防火墙 安装ufw $ sudo apt-get install ufw 启动ufw $ sudo ufw enable Command may disrupt existing ssh connections. Proceed with operation (y|n)? y Firewall is active and enabled on system startup 设置入站规则为全关闭,出站规则为全开放注意:ssh的22端口要及时添加到入站规则中,否则下次ssh将连接不上 $ sudo ufw default deny Default incoming policy changed to 'deny' (be sure to update your rules accordingly) $ sudo ufw allow 22/tcp Rule added Rule added (v6) 2. 防火墙规则 开启、关闭防火墙 sudo ufw enable sudo ufw disable 查看防火墙的状态 sudo ufw status 端口的设置 # 开放tcp协议80端口 sudo ufw allow 80/tcp # 移除80端口 sudo ufw delete allow 80/tcp # 开放RDP的3389端口 sudo ufw allow 3389 # 移除3389端口 sudo ufw delete allow 3389 # 开放10000-11000端口,需指定协议(tcp/udp) sudo ufw allow 10000:11000/tcp # 移除上述端口 sudo ufw delete allow 10000:11000/tcp IP的设置 # 允许192.168.1.110的访问,不限端口、协议 sudo ufw allow from 192.168.1.110 # 移除上条规则 sudo ufw delete allow from 192.168.1.110