UFW application profiles
Oct 23, 2010, 00:02 (1 Talkback[s])
(Other stories by jhansonxi)
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
[ Thanks to jhansonxi for this link.
"Uncomplicated Firewall (ufw) is a front-end to
iptables. One of its features are "application profiles" which are
INI-style files that contain profile names and ufw settings. This
allows packages to include their own firewall settings and make
them available to ufw when installed.
"Using profiles is relatively easy. To see what profiles are on
your system, go to a terminal and enter "ufw app list" to see the
names. The profiles are located in the directory
"/etc/ufw/applications.d" and the names referenced are the
"[section names]" in the files. Note that ufw also references the
services list in "/etc/services" for rules. If a section name
conflicts with an entry in the services file then the latter takes
priority (and ufw warns you every time you use it).
"There doesn't seem to be any documentation on the file format
and the example files mentioned in the docs don't exist on my
Karmic or Lucid systems but the existing files for OpenSSH server
and Apache are good examples to determine it from:"