How to install and configure a graphical firewall client in Ubuntu 10.10

This example shows how to specify a port range in your rules. Using the ports from the last two examples before this one, we specify a port range in the form: port1:port2. One advantage of using a port range is that it reduces the number of rules that you create.

Specifying port ranges in a rule

There are four policies that can be defined in a rule: Allow, Deny, Reject and Limit. The effect of an Allow rule is self-explanatory. If a packet matches a Deny rule, the packet will be dropped silently. The source host is not notified. Reject will trigger an ICMP destination unreachable message back to the source host. Limit rules are used to place a cap on the number of unsuccessful attempts from a host. They protect against brute-force attacks. In ufw, the number of unsuccessful attempts that will trigger a rate-limiting rule is 6 (or more) within the last 30 seconds. When a rate-limiting rule is triggered, subsequent packets from the offending host are denied (DROPped). Rate limiting rules may be defined from all three tabs, not just from the Advanced tab.


The following example shows a rate-limiting rule for incoming ssh traffic from a specific source to a specific destination.

Anti brute-force attack rule

Related Posts

With Btrfs the default on openSUSE, when will other distros follow suit One change that was implemented in openSUSE 13.2 makes Btrfs the default file system for the root (main) partition. That makes openSUSE the first desk...
How to change the default route in Linux This is just a short article that shows how to change the default network route in Linux. Before I show how to do it, hoping that it helps somebody, l...
Flip Cinnamon panel to top of desktop Advancement is supposed to make stuff easier to use, but that has not been the case on free software desktop environments. Tasks that used to take one...
5 things to do after installing Fedora 19 GNOME Fedora 19, code-named Schrodinger's Cat, is the latest edition of Fedora, a Linux distribution sponsored by Red Hat, Inc. This article offers five sim...
Create a standard user account on Kali Linux Aside from being based on Debian rather than Ubuntu, another way that Kali Linux 1.0, the latest incarnation of BackTrack Linux 5, defers from BackTra...
Got a PRISM and Boundless Informant problem? Whisper and Tor can help PRISM and Boundless Informant. Don't you just love names like that. They have a nice ring to them. But do not be fooled. Those are bad for your privac...

We Recommend These Vendors and Free Offers

ContainerizeThis 2016 is a free, 2-day conference for all things containers and big data. Featured, will be presentations and free, hands-on workshops. Learn more at

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


  1. Pingback: Links 21/10/2010: Tinycore 3.2, WebOS 2.0 | Techrights

  2. Pingback: Linux News » How to install and configure a graphical firewall client in Ubuntu 10.10

  3. Pingback: A graphical firewall client for Maverick « 0ddn1x: tricks with *nix

  4. Pingback: First time Ubuntu user, need help! - -

Leave a Comment

Your email address will not be published. Required fields are marked *