/home/bill/System_maintenance/Gufw firewall/Gufw firewall notes.txt

ufw = uncomplicated firewall
help.ubuntu.com/community/Gufw

*******************
https://help.ubuntu.com/community/Firewall

Introduction

port 80 is generally used for insecure web browsing
port 443 is used for secure web browsing.

The Linux kernel includes the netfilter subsystem, which is used to manipulate or decide the fate of network traffic headed into or through your computer. All modern Linux firewall solutions use this system for packet filtering.

iptables - the user interface used to manage the kernel's packet filtering system.
netfilter subsystem - decides each packet's fate [acceptance, manipulation, or rejection] based on the rules supplied to it via iptables.

Users can therefore configure the firewall to allow certain types of network traffic to pass into and out of a system (for instance SSH or web server traffic). This is done by opening and closing TCP and UDP "ports" in the firewall. Additionally, firewalls can be configured to allow or restrict access to specific IP addresses (or IP address ranges).

*****************
http://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/

The Beginner's Guide to iptables, the Linux Firewall

There's one sure-fire way to check whether or not your system uses/needs the forward chain.

    iptables -L -v

>> Check this with script file!!!

SSH is a common protocol that people forget to allow on both chains.

    iptables -A INPUT -p tcp --dport ssh -s 10.10.10.10 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -p tcp --sport 22 -d 10.10.10.10 -m state --state ESTABLISHED -j ACCEPT

I want to allow :
    Thunderbird - to/?from? Lexicom.ca
    Firefox - to/?from? not just Lexicom.ca but also my cellphone
        what about other wireless (e.g. Mom&Dad, Second cup)
    SSH - to my Lexicom.ca server (bidirectional)

# enddoc
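
Added example (not part of the original notes or of the linked guides): a script version of the "iptables -L -v" forward-chain check, which adds up the default-policy packet counter and every rule's pkts column for one chain. The function names and the sample listing are constructed for illustration; the K/M/G suffixes that -v prints are treated as rounded powers of 1000.

```shell
#!/bin/sh
# Constructed sample of `iptables -L -v` output (not captured from a real host).
SAMPLE_OUTPUT='Chain INPUT (policy ACCEPT 1204 packets, 310K bytes)
 pkts bytes target     prot opt in     out     source               destination
  12K  850K ACCEPT     tcp  --  any    any     10.10.10.10          anywhere             tcp dpt:ssh state NEW,ESTABLISHED

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 980 packets, 120K bytes)
 pkts bytes target     prot opt in     out     source               destination
   40  5200 ACCEPT     tcp  --  any    any     anywhere             10.10.10.10          tcp spt:ssh state ESTABLISHED'

# chain_packets CHAIN: read `iptables -L -v` text on stdin and print the number
# of packets counted for CHAIN (policy counter plus each rule's pkts column).
chain_packets() {
    awk -v want="$1" '
        function num(s,   m) {      # expand a rounded K/M/G suffix
            m = 1
            if (s ~ /K$/) m = 1000
            else if (s ~ /M$/) m = 1000000
            else if (s ~ /G$/) m = 1000000000
            sub(/[KMG]$/, "", s)
            return s * m
        }
        $1 == "Chain" {             # chain header: start or stop counting
            inchain = ($2 == want)
            if (inchain && $3 == "(policy") total += num($5)
            next
        }
        inchain && $1 ~ /^[0-9]+[KMG]?$/ { total += num($1) }   # rule rows
        END { printf "%d\n", total }
    '
}

# chain_in_use CHAIN: exit status 0 if CHAIN has counted any packets.
chain_in_use() {
    [ "$(chain_packets "$1")" -gt 0 ]
}

for c in INPUT FORWARD OUTPUT; do
    if printf '%s\n' "$SAMPLE_OUTPUT" | chain_in_use "$c"; then
        echo "$c: in use"
    else
        echo "$c: no packets counted"
    fi
done
```

On a live system the same check is "iptables -L -v | chain_in_use FORWARD", run as root. Counters only cover traffic since they were last reset, so a zero shortly after boot says little.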