ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login
    1. Topics
    2. Tags
    3. ufw
    Log in to post
    • All categories
    • scottalanmillerS

      UFW Firewall Allow List for CloudFlare Proxy IP Addresses

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion linux firewall security reverse proxy cloudflare ubuntu ufw
      1
      1 Votes
      1 Posts
      131 Views
      No one has replied
    • JaredBuschJ

      UFW or IPTABLES

      Watching Ignoring Scheduled Pinned Locked Moved Solved IT Discussion ubuntu ufw iptables
      8
      0 Votes
      8 Posts
      942 Views
      1

      @JaredBusch said in UFW or IPTABLES:

      @Pete-S said in UFW or IPTABLES:

      So I think the current recommendation is to either stick to ufw or firewall-cmd or just use nft directly.

      I try to. This was the first time I've had a need to go outside the box of ufw or firewall-cmd to use direct iptables in years.

      Yes, it's only when you need more control.

      I've looked into this before and it wasn't not super obvious how all these tools interact. But nowadays ufw and firewalld are services to manage nftables. nftables itself manages the netfilter packet filtering mechanism in the kernel.

      The ability to use iptables are just for legacy reasons and they're converted to nftables rules behind the scenes.

      Since ufw (canonical project) and firewalld (redhat project) where initiated when iptables was used, I'm not sure their existence is warranted in the same way. At least not by sysadmins.

      I'm looking at setting firewall rules automatically in a project and it seems like using nftables directly makes the most sense. That said I have to learn nftables first 🙂

    • LakshmanaL

      Open source Firewall

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion firewall router open source pfsense vyos linux freebsd endian smoothwall shorewall utm ip cop iptables firewalld ufw
      16
      0 Votes
      16 Posts
      4k Views
      DashrenderD

      @Reid-Cooper said in Open source Firewall:

      pfSense was really good in the past. But I agree, the days of building your own firewall on an old PC that you have are over.

      Right - the cost just isn't worth running your old PC. Power alone will cost more than the cost of an ER-X or ER-L.

    • 1 / 1