Update page '9. UFW action file'
parent 3ce3284847
commit 689f3ef083
30
9.-UFW-action-file.md
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
## UFW action file (*action.d/ufw.conf*)
|
||||||
|
|
||||||
|
This is the file that tells F2B what commands to send to UFW to block and unblock a system. You can see that the '*actionban*' and '*actionunban*' sections simply add and remove rules from UFW which drop/reject packets from the offending system. I have only changed the '*blocktype*' from it's default (reject) to *deny*.
|
||||||
|
|
||||||
|
```ini
|
||||||
|
# Option: blocktype
|
||||||
|
# Notes.: reject or deny
|
||||||
|
#blocktype = reject
|
||||||
|
blocktype = deny
|
||||||
|
```
|
||||||
|
|
||||||
|
The important part of '*actionban*' works like this:
|
||||||
|
|
||||||
|
```PHP
|
||||||
|
ufw insert <insertpos> <blocktype> from <ip> to <destination>
|
||||||
|
```
|
||||||
|
|
||||||
|
The variables defined in the configuration file are summarized as:
|
||||||
|
|
||||||
|
```Ini
|
||||||
|
[Init]
|
||||||
|
insertpos = 1
|
||||||
|
blocktype = deny
|
||||||
|
destination = any
|
||||||
|
application =
|
||||||
|
```
|
||||||
|
|
||||||
|
So, this rule adds a new rule (*insert*) at position 1 (*insertpos*) which denies (*blocktype*) packets from the offending system's IP (*ip*) destined for any address (which obviously includes this system). Importantly, each rule is added at *position 1* which means they have priority over any other otherwise defined (i.e. allowed) traffic.
|
||||||
|
|
||||||
|
The '*actionunban*' simply deletes the rule to remove the block.
|
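Review bot: In the `[Init]` summary, `application =` is listed, but the quoted `ufw insert <insertpos> <blocktype> from <ip> to <destination>` line has no `<application>` placeholder and the closing paragraph never mentions it, so a reader cannot tell what the empty value does; either add a sentence explaining it or drop it from the summary. The same paragraph would be the place to say how *deny* differs from *reject*, since that is the one setting the page says it changes. Smaller points: the fence around the `ufw insert` line is tagged `PHP` although it holds a command template, the `ini`/`Ini` fence tags should use one casing, and the intro has "it's default" where "its default" is meant.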