iptables目录在 /etc/nfw

/etc/ufw/before.rules

Traceroute探测 漏洞处理

https://blog.csdn.net/tacity/article/details/127992854
https://www.cnblogs.com/yy9knsg/p/16255069.html
/etc/ufw/before.rules

-I INPUT -p icmp --icmp-type 0 -j DROP
-I OUTPUT -p icmp --icmp-type 0 -j DROP
-I INPUT -p icmp --icmp-type 3 -j DROP
-I OUTPUT -p icmp --icmp-type 3 -j DROP
-I INPUT -p icmp --icmp-type 11 -j DROP
-I OUTPUT -p icmp --icmp-type 11 -j DROP
-I INPUT -p icmp --icmp-type 13 -j DROP
-I OUTPUT -p icmp --icmp-type 13 -j DROP
-I INPUT -p icmp --icmp-type 14 -j DROP
-I OUTPUT -p icmp --icmp-type 14 -j DROP

ufw 管理命令

https://www.python100.com/html/119362.html
https://zhuanlan.zhihu.com/p/628587521

https://cainiaojiaocheng.com/%E5%A6%82%E4%BD%95%E5%9C%A8Ubuntu22.04%E4%B8%8A%E4%BD%BF%E7%94%A8UFW%E8%AE%BE%E7%BD%AE%E9%98%B2%E7%81%AB%E5%A2%99