{"id":189,"date":"2026-05-13T09:59:00","date_gmt":"2026-05-13T01:59:00","guid":{"rendered":"https:\/\/junai.ai\/blog\/linux-ufw-firewall-17\/"},"modified":"2026-05-13T09:59:00","modified_gmt":"2026-05-13T01:59:00","slug":"linux-ufw-firewall-17","status":"publish","type":"post","link":"https:\/\/junai.ai\/blog\/linux-ufw-firewall-17\/","title":{"rendered":"\uc6b0\ubd84\ud22c \ubc29\ud654\ubcbd ufw \u2014 \ud3ec\ud2b8 \uc5f4\uace0 \ub2eb\uae30 (17\ud3b8)"},"content":{"rendered":"\n<!-- WordPress REST API \ubc1c\ud589\uc6a9 HTML (\uc790\ub3d9 \uc0dd\uc131) -->\n<!-- WP-FEATURED-MEDIA-ID: 176 -->\n<div style=\"max-width:800px;margin:0 auto;\">\n<style>\n:root{\n  --color-primary:#1e40af;--color-accent:#3b82f6;--color-bg:#fafafa;--color-bg-card:#ffffff;\n  --color-text:#1e293b;--color-text-muted:#64748b;--hero-start:#0f172a;--hero-end:#1e40af;\n  --font-body:-apple-system,BlinkMacSystemFont,'Apple SD Gothic Neo','Noto Sans KR',sans-serif;\n  --size-body:17px;--line-height:1.75;--h1-size:32px;--h2-size:27px;--h3-size:20px;\n}\n*{margin:0;padding:0;box-sizing:border-box;}\n.wrap{max-width:760px;margin:0 auto;padding:0 20px;}\n.hero{background:linear-gradient(135deg,var(--hero-start) 0%,var(--hero-end) 100%);color:#fff;padding:64px 0 56px;text-align:center;}\n.hero .eyebrow{display:inline-block;font-size:13px;letter-spacing:1px;text-transform:uppercase;color:#93c5fd;font-weight:700;margin-bottom:16px;}\n.hero h1{font-size:var(--h1-size);line-height:1.32;letter-spacing:-0.3px;font-weight:800;margin-bottom:18px;}\n.hero p.sub{font-size:18px;color:#cbd5e1;max-width:620px;margin:0 auto;}\n.hero .meta{margin-top:22px;font-size:14px;color:#94a3b8;}\n.hero-img{display:block;width:100%;height:auto;}\narticle{padding:48px 0 24px;}\narticle h2{font-size:var(--h2-size);line-height:1.35;letter-spacing:-0.3px;font-weight:800;margin:48px 0 18px;padding-left:14px;border-left:5px solid var(--color-primary);}\narticle h2:first-of-type{margin-top:8px;}\narticle h3{font-size:var(--h3-size);font-weight:700;margin:28px 0 10px;color:#0f172a;}\narticle p{margin:0 0 18px;}\narticle ul,article ol{margin:0 0 18px 4px;padding-left:22px;}\narticle li{margin-bottom:9px;}\narticle strong{color:#0f172a;font-weight:700;}\narticle a{color:var(--color-primary);text-decoration:underline;text-underline-offset:2px;}\narticle code{background:#0f172a;color:#e2e8f0;padding:2px 7px;border-radius:5px;font-size:0.9em;font-family:'SF Mono',Menlo,Consolas,monospace;}\n.intro p:first-child{font-size:19px;color:#334155;}\n.notice{background:#eef2ff;border:1px solid #c7d2fe;border-radius:10px;padding:14px 18px;margin:0 0 30px;font-size:15px;color:#3730a3;}\n.notice b{color:#312e81;}\n.tablewrap{overflow-x:auto;-webkit-overflow-scrolling:touch;margin:22px 0;}\ntable{width:100%;border-collapse:collapse;font-size:15px;background:var(--color-bg-card);}\nth,td{padding:11px 12px;text-align:left;border-bottom:1px solid #e2e8f0;vertical-align:top;}\nth{background:#f1f5f9;font-weight:700;color:#0f172a;}\ntd:first-child,th:first-child{font-weight:700;}\n@media (max-width:560px){\n  .tablewrap table,.tablewrap thead,.tablewrap tbody,.tablewrap tr,.tablewrap th,.tablewrap td{display:block;width:auto;}\n  .tablewrap thead{display:none;}\n  .tablewrap tr{margin:0 0 14px;border:1px solid #e2e8f0;border-radius:10px;overflow:hidden;}\n  .tablewrap td{border:none;border-bottom:1px solid #f1f5f9;padding:9px 14px;}\n  .tablewrap td:first-child{background:#f1f5f9;font-weight:800;font-size:15.5px;}\n  .tablewrap td:last-child{border-bottom:none;}\n  .tablewrap td[data-label]::before{content:attr(data-label) \" \u2014 \";font-weight:700;color:var(--color-primary);}\n}\n.databox{background:#eff6ff;border-left:4px solid var(--color-accent);border-radius:0 8px 8px 0;padding:16px 18px;margin:20px 0;font-size:15.5px;}\n.databox b{color:var(--color-primary);}\n.warnbox{background:linear-gradient(135deg,#fef2f2 0%,#fee2e2 100%);border:1px solid #fecaca;border-radius:10px;padding:16px 18px;margin:22px 0;font-size:15.5px;color:#7f1d1d;}\n.warnbox b{color:#991b1b;}\n.cmd{background:#0f172a;color:#e2e8f0;border-radius:10px;padding:14px 16px;margin:14px 0;font-family:'SF Mono',Menlo,Consolas,monospace;font-size:14px;line-height:1.8;overflow-x:auto;-webkit-overflow-scrolling:touch;white-space:pre-wrap;}\n.cmd .c{color:#7dd3fc;}\n.cmd .o{color:#94a3b8;}\n.roadmap{background:var(--color-bg-card);border:1px solid #e2e8f0;border-radius:12px;padding:18px 20px;margin:24px 0;font-size:15px;}\n.roadmap h3{margin:0 0 10px;font-size:17px;color:#0f172a;}\n.roadmap ol{margin:0 0 0 4px;padding-left:20px;}\n.roadmap li{margin-bottom:5px;color:#475569;}\n.cta{background:#0f172a;color:#e2e8f0;border-radius:14px;padding:26px 24px;margin:40px 0 8px;text-align:center;}\n.cta h3{color:#fff;margin:0 0 8px;font-size:19px;}\n.cta p{margin:0 0 4px;font-size:15px;color:#cbd5e1;}\nfooter{padding:30px 0 50px;text-align:center;color:var(--color-text-muted);font-size:13.5px;}\n@media (max-width:480px){:root{--h1-size:23px;--h2-size:20px;--size-body:16px;}.hero{padding:48px 0 40px;}article{padding:34px 0 16px;}.cmd{font-size:12.5px;}}\n<\/style>\n<header class=\"hero\">\n  <div class=\"wrap\">\n    <span class=\"eyebrow\">\uc6b0\ubd84\ud22c \u00b7 \ub9ac\ub205\uc2a4 \uc785\ubb38 \u2014 17\ud3b8 (\uc911\uae09)<\/span>\n    <h1>\uc6b0\ubd84\ud22c \ubc29\ud654\ubcbd ufw \u2014 \ud3ec\ud2b8 \uc5f4\uace0 \ub2eb\uae30<\/h1>\n    <p class=\"sub\">&#8220;\ubc29\ud654\ubcbd = iptables = \uc5b4\ub835\ub2e4&#8221;\ub294 \uc61b\ub9d0. ufw\ub294 &#8220;\uc774 \ud3ec\ud2b8 \uc5f4\uc5b4 \/ \ub2eb\uc544&#8221;\ub97c \uc601\uc5b4 \ubb38\uc7a5\ucc98\ub7fc \uc4f0\ub294 \ub3c4\uad6c\uc785\ub2c8\ub2e4 \u2014 \uc11c\ubc84 \ubcf4\uc548\uc758 \uac00\uc7a5 \uae30\ubcf8\uae30.<\/p>\n    <p class=\"meta\">2026\ub144 5\uc6d4 13\uc77c \u00b7 \uc57d 7\ubd84 \u00b7 26\ud3b8 \uc785\ubb38 \uc2dc\ub9ac\uc988 17\ud3b8<\/p>\n  <\/div>\n<\/header>\n\n<img decoding=\"async\" class=\"hero-img\" src=\"https:\/\/junai.ai\/blog\/wp-content\/uploads\/2026\/05\/hero-20.jpg\" alt=\"\ud130\ubbf8\ub110\uc5d0 ufw allow\u00b7status \uba85\ub839\uc73c\ub85c \ubc29\ud654\ubcbd\uc744 \uc124\uc815\ud558\ub294 \ud654\uba74 \u2014 \uc6b0\ubd84\ud22c \ubc29\ud654\ubcbd ufw\ub97c \uc0c1\uc9d5\ud558\ub294 \uc77c\ub7ec\uc2a4\ud2b8\">\n\n<div class=\"wrap\">\n<article>\n\n  <div class=\"intro\">\n    <p>16\ud3b8\uc5d0\uc11c <code>ss -tlnp<\/code>\ub85c &#8220;\ub0b4 \ucef4\ud4e8\ud130\uc758 \uc5b4\ub5a4 \ud504\ub85c\uadf8\ub7a8\uc774 \uc5b4\ub290 \ud3ec\ud2b8\ub97c \uc5f4\uc5b4\ub1a8\ub098&#8221;\ub97c \ubd24\uc8e0. \uadf8\ub7f0\ub370 \uadf8 \ud3ec\ud2b8\uac00 <strong>\uc678\ubd80\uc5d0\uc11c\ub3c4 \ub2ff\uc744 \uc218 \uc788\ub294\uc9c0<\/strong>\ub97c \uc815\ud558\ub294 \uac74 \ubcc4\uac1c \u2014 \uadf8\uac8c <strong>\ubc29\ud654\ubcbd<\/strong>\uc785\ub2c8\ub2e4. &#8220;\uc774 \ud3ec\ud2b8\ub85c \ub4e4\uc5b4\uc624\ub294 \uac74 \ud5c8\uc6a9 \/ \uc800 \ud3ec\ud2b8\ub294 \ucc28\ub2e8&#8221;\uc744 \uc815\ud558\ub294 \ubb38\uc9c0\uae30\uc608\uc694.<\/p>\n    <p>\ub9ac\ub205\uc2a4\uc758 \ubc29\ud654\ubcbd \uc5d4\uc9c4\uc740 <code>iptables<\/code>(\uc694\uc998\uc740 <code>nftables<\/code>)\uc778\ub370 \u2014 \ubb38\ubc95\uc774 \ubb34\uc2dc\ubb34\uc2dc\ud569\ub2c8\ub2e4. \uadf8\ub798\uc11c \uc6b0\ubd84\ud22c\ub294 <strong>ufw<\/strong>(Uncomplicated FireWall \u2014 &#8220;\uc548 \ubcf5\uc7a1\ud55c \ubc29\ud654\ubcbd&#8221;)\ub77c\ub294, \uadf8 \uc704\uc5d0 \uc5b9\uc740 \uc26c\uc6b4 \uaecd\ub370\uae30\ub97c \uc90d\ub2c8\ub2e4. <code>sudo ufw allow 22<\/code>\ucc98\ub7fc \uac70\uc758 \uc601\uc5b4 \ubb38\uc7a5\uc774\uc5d0\uc694. <strong>\uc11c\ubc84\ub97c \uc6b4\uc601\ud55c\ub2e4\uba74 ufw \uc124\uc815\uc740 \uac70\uc758 \ud544\uc218<\/strong>\uace0, \ub370\uc2a4\ud06c\ud0d1\uc774\uba74 \uae30\ubcf8\uc740 \uaebc\uc838 \uc788\uc9c0\ub9cc \uc54c\uc544\ub450\uba74 \uc88b\uc2b5\ub2c8\ub2e4. <strong>26\ud3b8 \uc785\ubb38 \uc2dc\ub9ac\uc988 17\ud3b8<\/strong>, &#8220;\uc911\uae09&#8221; \ubb36\uc74c. \u26a0\ufe0f \ub2e8 \ud558\ub098 \u2014 SSH\ub85c \uc6d0\uaca9 \uc11c\ubc84\uc5d0 \uc791\uc5c5 \uc911\uc774\ub77c\uba74 \ucf1c\uae30 \uc804\uc5d0 \uaf2d \ubd10\uc57c \ud560 \uac8c \uc788\uc73c\ub2c8, 4\ubc88 \uc139\uc158 \uacbd\uace0\ub97c \uba3c\uc800 \uc77d\uc73c\uc138\uc694.<\/p>\n  <\/div>\n\n  <div class=\"notice\">\n    <b>\uc900\ube44\ubb3c \u2014<\/b> \uc6b0\ubd84\ud22c + \ud130\ubbf8\ub110. <b>\uac00\uc0c1 \uba38\uc2e0\uc744 \uac15\ub825 \uad8c\uc7a5<\/b>\ud569\ub2c8\ub2e4 \u2014 \ubc29\ud654\ubcbd \uc124\uc815\uc744 \uc798\ubabb\ud558\uba74(\ud2b9\ud788 \uc6d0\uaca9\uc774\uba74) \uc790\uae30 \uc790\uc2e0\uc744 \ub9c9\uc544\ubc84\ub9b4 \uc218 \uc788\uc5b4\uc11c, VM\uc774\uba74 \uc2a4\ub0c5\uc0f7\uc73c\ub85c \ub418\ub3cc\ub9ac\uac70\ub098 \ucf58\uc194\ub85c \ub4e4\uc5b4\uac00\uba74 \ub429\ub2c8\ub2e4. 16\ud3b8(<code>ss<\/code>\u00b7\ud3ec\ud2b8)\uc744 \ubd24\ub2e4\uba74 \uc774\uc5b4\uc9d1\ub2c8\ub2e4.\n  <\/div>\n\n  <h2>\ubc29\ud654\ubcbd\uc774 \ubb54\uac00 \u2014 ufw\uc758 \uc5ed\ud560<\/h2>\n  <p>\ube44\uc720\ud558\uc790\uba74 \u2014 \ub0b4 \ucef4\ud4e8\ud130(\ud2b9\ud788 \uc11c\ubc84)\ub294 \uc5ec\ub7ec \uac1c\uc758 &#8220;\ubb38(\ud3ec\ud2b8)&#8221;\uc774 \uc788\ub294 \uac74\ubb3c\uc785\ub2c8\ub2e4. 22\ubc88 \ubb38\uc740 SSH(\uc6d0\uaca9 \uc811\uc18d), 80\u00b7443\ubc88 \ubb38\uc740 \uc6f9, \uadf8 \uc678 \uc218\ub9cc \uac1c. \ubc29\ud654\ubcbd\uc740 \uadf8 \ubb38\ub4e4\uc758 \uacbd\ube44\uc6d0\uc774\uc5d0\uc694 \u2014 &#8220;22\ubc88\uc740 \ud1b5\uacfc, \ub098\uba38\uc9c0\ub294 \ub9c9\uc544&#8221;\ucc98\ub7fc \uaddc\uce59\uc744 \uc815\ud574\uc90d\ub2c8\ub2e4. \uadf8\ub798\uc57c \uc548 \uc4f0\ub294 \ubb38\uc73c\ub85c \ub204\uac00 \ub4e4\uc5b4\uc624\ub294 \uac78 \ub9c9\uc8e0.<\/p>\n  <ul>\n    <li><strong>\uc6b0\ubd84\ud22c \ub370\uc2a4\ud06c\ud0d1<\/strong>: ufw\ub294 \uae54\ub824 \uc788\uc9c0\ub9cc <strong>\uae30\ubcf8 \ube44\ud65c\uc131<\/strong>(<code>inactive<\/code>). \ub370\uc2a4\ud06c\ud0d1\uc740 \ubcf4\ud1b5 \ub4e4\uc5b4\uc624\ub294 \uc5f0\uacb0\uc774 \ubcc4\ub85c \uc5c6\uc5b4\uc11c\uc694. \ucf1c\ub450\uba74 \ub354 \uc548\uc804\ud558\uae34 \ud568.<\/li>\n    <li><strong>\uc6b0\ubd84\ud22c \uc11c\ubc84 \/ \ud074\ub77c\uc6b0\ub4dc \uc778\uc2a4\ud134\uc2a4<\/strong>: \uc678\ubd80\uc5d0 \ub178\ucd9c\ub3fc \uc788\uc73c\ub2c8 <strong>ufw\ub97c \ucf1c\uace0 \ud544\uc694\ud55c \ud3ec\ud2b8\ub9cc \uc5ec\ub294 \uac8c \uc0ac\uc2e4\uc0c1 \ud45c\uc900<\/strong>. \uc548 \uadf8\ub7ec\uba74 \uc548 \uc4f0\ub294 \uc11c\ube44\uc2a4 \ud3ec\ud2b8\uac00 \ub2e4 \uc5f4\ub824 \uc788\uac8c \ub428.<\/li>\n    <li><strong>ufw\uac00 \ud558\ub294 \uc77c<\/strong>: \ubcf5\uc7a1\ud55c <code>iptables<\/code> \uaddc\uce59\uc744 \uc0ac\ub78c\uc774 \uc77d\uae30 \uc88b\uc740 \uba85\ub839(<code>allow<\/code>\/<code>deny<\/code>)\uc73c\ub85c \ubc14\uafd4\uc90c. \uae30\ubcf8 \uc815\ucc45 = &#8220;\ub4e4\uc5b4\uc624\ub294 \uac74 \ub2e4 \ub9c9\uace0(deny incoming), \ub098\uac00\ub294 \uac74 \ub2e4 \ud5c8\uc6a9(allow outgoing)&#8221; \u2014 \uadf8 \uc704\uc5d0 &#8220;\uc774\uac74 \uc608\uc678\ub85c \uc5f4\uc5b4\uc918&#8221;\ub97c \ucd94\uac00\ud558\ub294 \ubc29\uc2dd.<\/li>\n  <\/ul>\n\n  <h2>\ucf1c\uace0 \ub044\uace0 \ubcf4\uae30 \u2014 enable \u00b7 status<\/h2>\n  <div class=\"cmd\"><span class=\"c\">$<\/span> sudo ufw status verbose\n<span class=\"o\">Status: inactive          \u2190 \uc9c0\uae08 \uaebc\uc838 \uc788\uc74c. (\ucf1c\uc838 \uc788\uc73c\uba74 \uaddc\uce59 \ubaa9\ub85d\uacfc \uae30\ubcf8 \uc815\ucc45\uc774 \ub098\uc634)<\/span>\n<span class=\"c\">$<\/span> sudo ufw default deny incoming\n<span class=\"c\">$<\/span> sudo ufw default allow outgoing\n<span class=\"o\">                          \u2190 \uae30\ubcf8 \uc815\ucc45 \uc124\uc815(\ubcf4\ud1b5 \uc774\ubbf8 \uc774\ub807\uac8c \ub3fc \uc788\uc74c): \ub4e4\uc5b4\uc624\ub294 \uac74 \ucc28\ub2e8, \ub098\uac00\ub294 \uac74 \ud5c8\uc6a9<\/span>\n<span class=\"c\">$<\/span> sudo ufw enable\n<span class=\"o\">Firewall is active and enabled on system startup   \u2190 \ubc29\ud654\ubcbd \ucf2c + \ubd80\ud305 \uc2dc \uc790\ub3d9 \uc2dc\uc791<\/span>\n<span class=\"c\">$<\/span> sudo ufw status numbered\n<span class=\"o\">[ 1] 22\/tcp   ALLOW IN   Anywhere          \u2190 \ucf1c\uc9c4 \ub4a4 \uaddc\uce59 \ubaa9\ub85d (\ubc88\ud638\ub294 \uc0ad\uc81c\ud560 \ub54c \uc500)<\/span>\n<span class=\"c\">$<\/span> sudo ufw disable\n<span class=\"o\">                          \u2190 \ubc29\ud654\ubcbd \ub044\uae30 (\uaddc\uce59\uc740 \ub0a8\uc544\uc788\uace0, \ub2e4\uc2dc enable \ud558\uba74 \uc801\uc6a9\ub428)<\/span>\n<span class=\"c\">$<\/span> sudo ufw reset\n<span class=\"o\">                          \u2190 \ubaa8\ub4e0 \uaddc\uce59 \ucd08\uae30\ud654 (\ucc98\uc74c\ubd80\ud130 \ub2e4\uc2dc. \uc2e0\uc911\ud788)<\/span><\/div>\n  <div class=\"warnbox\"><strong>\u26a0\ufe0f <code>sudo ufw enable<\/code> \ub204\ub974\uae30 \uc804\uc5d0:<\/strong> \uae30\ubcf8 \uc815\ucc45\uc774 &#8220;\ub4e4\uc5b4\uc624\ub294 \uac74 \ub2e4 \ub9c9\uc74c&#8221;\uc774\ub77c, <strong>\uc544\ubb34 \uaddc\uce59\ub3c4 \uc548 \ub123\uace0 enable \ud558\uba74 SSH(22\ubc88)\ub3c4 \ub9c9\ud799\ub2c8\ub2e4.<\/strong> \uc9c0\uae08 SSH\ub85c \uc6d0\uaca9 \uc11c\ubc84\uc5d0 \uc811\uc18d\ud574 \uc788\ub2e4\uba74 \u2014 <code>enable<\/code> \ud558\ub294 \uc21c\uac04 \uc5f0\uacb0\uc774 \ub04a\uae30\uace0 \ub2e4\uc2dc \ubabb \ub4e4\uc5b4\uac11\ub2c8\ub2e4(\ucf58\uc194\ub85c \uac00\uc57c \ud568). \uadf8\ub798\uc11c <strong>\ubc18\ub4dc\uc2dc \uc21c\uc11c<\/strong>: \u2460 <code>sudo ufw allow OpenSSH<\/code>(\ub610\ub294 <code>allow 22<\/code>) \u2192 \u2461 <strong>\uadf8 \ub2e4\uc74c<\/strong> <code>sudo ufw enable<\/code>. \ub85c\uceec \ub370\uc2a4\ud06c\ud0d1\uc774\uba74 \uc774 \uc704\ud5d8\uc740 \uc5c6\uc9c0\ub9cc(\ud0a4\ubcf4\ub4dc\uac00 \ubc14\ub85c \uc788\uc73c\ub2c8), \uc2b5\uad00\uc73c\ub85c \ub4e4\uc774\uc138\uc694. \ud074\ub77c\uc6b0\ub4dc \uc778\uc2a4\ud134\uc2a4\ub294 \ub300\ubd80\ubd84 \ucf58\uc194\/\uc2dc\ub9ac\uc5bc \uc811\uc18d \ubc29\ubc95\uc774 \ub530\ub85c \uc788\uc73c\ub2c8 \ub9c9\ud600\ub3c4 \ubcf5\uad6c\ub294 \ub418\uc9c0\ub9cc, \uc548 \ub9c9\ud788\uac8c \ud558\ub294 \uac8c \ub0ab\uc8e0.<\/div>\n\n  <h2>\uc5f4\uace0 \ub2eb\uae30 \u2014 allow \u00b7 deny \u00b7 delete<\/h2>\n  <p>&#8220;\uc774 \ud3ec\ud2b8(\ub610\ub294 \uc11c\ube44\uc2a4)\ub97c \uc5f4\uc5b4\/\ub2eb\uc544&#8221;\ub97c \uc601\uc5b4\ucc98\ub7fc \uc501\ub2c8\ub2e4.<\/p>\n  <div class=\"cmd\"><span class=\"c\">$<\/span> sudo ufw allow 22\/tcp\n<span class=\"o\">                          \u2190 22\ubc88 TCP \ud3ec\ud2b8 \ud5c8\uc6a9 (SSH). \ud3ec\ud2b8 \ubc88\ud638 \uc9c1\uc811 \uc9c0\uc815<\/span>\n<span class=\"c\">$<\/span> sudo ufw allow OpenSSH\n<span class=\"o\">                          \u2190 \uac19\uc740 \ub73b \u2014 ufw \uac00 \uc544\ub294 &#8216;\uc11c\ube44\uc2a4 \uc774\ub984&#8217;\uc73c\ub85c\ub3c4 \uac00\ub2a5. &#8216;sudo ufw app list&#8217; \ub85c \ubaa9\ub85d \ud655\uc778<\/span>\n<span class=\"c\">$<\/span> sudo ufw allow 80,443\/tcp\n<span class=\"o\">                          \u2190 80(http)\u00b7443(https) \ud55c \ubc88\uc5d0. \uc6f9\uc11c\ubc84 \uc6b4\uc601 \uc2dc \ud544\uc218 \ub458<\/span>\n<span class=\"c\">$<\/span> sudo ufw allow from 203.0.113.5 to any port 22\n<span class=\"o\">                          \u2190 &#8216;\ud2b9\uc815 IP(203.0.113.5)\uc5d0\uc11c\ub9cc&#8217; 22\ubc88 \ud5c8\uc6a9 \u2014 SSH \ub97c \ub0b4 \uc0ac\ubb34\uc2e4 IP \uc5d0\uc11c\ub9cc \ubc1b\uaca0\ub2e4<\/span>\n<span class=\"c\">$<\/span> sudo ufw deny 23\n<span class=\"o\">                          \u2190 23\ubc88(telnet) \ucc28\ub2e8. (\uae30\ubcf8\uc774 deny incoming \uc774\ub77c \uc0ac\uc2e4 \uc548 \ud574\ub3c4 \ub9c9\ud600\uc788\uc9c0\ub9cc, \uba85\uc2dc\uc801\uc73c\ub85c)<\/span>\n<span class=\"c\">$<\/span> sudo ufw status numbered\n<span class=\"c\">$<\/span> sudo ufw delete 3\n<span class=\"o\">                          \u2190 \uaddc\uce59 3\ubc88 \uc0ad\uc81c (status numbered \ub85c \ubc88\ud638 \ud655\uc778 \ud6c4). \ub610\ub294 &#8216;sudo ufw delete allow 80&#8217; \ucc98\ub7fc \uaddc\uce59 \uc790\uccb4\ub85c\ub3c4<\/span>\n<span class=\"c\">$<\/span> sudo ufw limit 22\/tcp\n<span class=\"o\">                          \u2190 &#8216;limit&#8217; = \ud5c8\uc6a9\ud558\ub418 \uac19\uc740 IP \uac00 \uc9e7\uc740 \uc2dc\uac04\uc5d0 \uc790\uc8fc \ub4e4\uc5b4\uc624\uba74(\ubb34\ucc28\ubcc4 \ub300\uc785 \uc2dc\ub3c4) \ucc28\ub2e8. SSH \uc5d0 \ucd94\ucc9c<\/span><\/div>\n  <div class=\"databox\"><b>\ud754\ud788 \uc4f0\ub294 \ud3ec\ud2b8:<\/b> <strong>22<\/strong>=SSH(\uc6d0\uaca9 \uc811\uc18d, 18\ud3b8), <strong>80<\/strong>=HTTP, <strong>443<\/strong>=HTTPS, <strong>53<\/strong>=DNS, <strong>3306<\/strong>=MySQL, <strong>5432<\/strong>=PostgreSQL, <strong>8080<\/strong>=\ub300\uccb4 HTTP. \uc11c\ubc84 \ubcf4\uc548\uc758 \uae30\ubcf8 = &#8220;\uc4f0\ub294 \ud3ec\ud2b8\ub9cc \uc5f4\uace0 \ub098\uba38\uc9c0\ub294 \ub2eb\ub294\ub2e4&#8221;. DB \ud3ec\ud2b8(3306\u00b75432)\ub294 \uc678\ubd80\uc5d0 \uc5f4\uc9c0 \ub9d0\uace0 <code>from \ub0b4IP<\/code>\ub85c \uc81c\ud55c\ud558\uac70\ub098 \uc544\uc608 \ub2eb\uace0 SSH \ud130\ub110\uc744 \uc4f0\ub294 \uac8c \uc815\uc11d\uc785\ub2c8\ub2e4.<\/div>\n\n  <h2>\ud754\ud55c \uc2dc\ub098\ub9ac\uc624 + \uc815\ub9ac<\/h2>\n  <p>\uc2e4\uc804 \uc608\uc2dc \u2014 \uc704 \uba85\ub839\ub4e4\uc758 \uc870\ud569\uc785\ub2c8\ub2e4.<\/p>\n  <div class=\"cmd\"><span class=\"o\"># \uc2dc\ub098\ub9ac\uc624 1) \uc6f9\uc11c\ubc84 (HTTP\/HTTPS \uacf5\uac1c + SSH \ub294 \ub0b4 IP \ub9cc)<\/span>\n<span class=\"c\">$<\/span> sudo ufw allow from 203.0.113.5 to any port 22 proto tcp\n<span class=\"c\">$<\/span> sudo ufw allow 80,443\/tcp\n<span class=\"c\">$<\/span> sudo ufw enable          <span class=\"o\"># \u2190 SSH \uaddc\uce59 \ub123\uc740 \ub2e4\uc74c\uc5d0! (\uc704 \uacbd\uace0)<\/span>\n<span class=\"c\">$<\/span> sudo ufw status verbose\n\n<span class=\"o\"># \uc2dc\ub098\ub9ac\uc624 2) \ub370\uc2a4\ud06c\ud0d1 \u2014 \uadf8\ub0e5 \ub2e4 \ub9c9\uace0(\ub4e4\uc5b4\uc624\ub294 \uac70) \ucf1c\ub450\uae30<\/span>\n<span class=\"c\">$<\/span> sudo ufw default deny incoming\n<span class=\"c\">$<\/span> sudo ufw allow OpenSSH    <span class=\"o\"># \uc6d0\uaca9 \uc811\uc18d \uc4f8 \uac70\uba74 (\uc548 \uc4f0\uba74 \uc0dd\ub7b5)<\/span>\n<span class=\"c\">$<\/span> sudo ufw enable\n\n<span class=\"o\"># \uaddc\uce59 \ubcf4\uae30\u00b7\ub85c\uadf8<\/span>\n<span class=\"c\">$<\/span> sudo ufw status numbered  <span class=\"o\"># \ud604\uc7ac \uaddc\uce59 (\uc0ad\uc81c\uc6a9 \ubc88\ud638 \ud3ec\ud568)<\/span>\n<span class=\"c\">$<\/span> sudo ufw logging on        <span class=\"o\"># \ucc28\ub2e8\ub41c \uc2dc\ub3c4\ub97c \/var\/log\/ufw.log \uc5d0 \uae30\ub85d (12\ud3b8 tail -f \ub85c \ubcf4\uba74 \ub428)<\/span><\/div>\n  <div class=\"databox\"><b>\uc624\ub298\uc758 \uc815\ub9ac:<\/b> ufw = iptables \uc758 \uc26c\uc6b4 \uaecd\ub370\uae30. \ub370\uc2a4\ud06c\ud0d1\uc740 \uae30\ubcf8 \uaebc\uc9d0, \uc11c\ubc84\ub294 \ucf1c\ub294 \uac8c \ud45c\uc900. \uae30\ubcf8 \uc815\ucc45 = <code>default deny incoming<\/code> + <code>default allow outgoing<\/code>. <strong>\u26a0\ufe0f enable \uc804\uc5d0 <code>sudo ufw allow OpenSSH<\/code> \uba3c\uc800<\/strong>(\uc6d0\uaca9\uc774\uba74 \uc548 \uadf8\ub7fc \uc7a0\uae40). \uc5f4\uae30: <code>sudo ufw allow \ud3ec\ud2b8\/tcp<\/code>\u00b7<code>allow \uc11c\ube44\uc2a4\uba85<\/code>\u00b7<code>allow from IP to any port N<\/code>. \ub2eb\uae30\/\uc0ad\uc81c: <code>deny \ud3ec\ud2b8<\/code>\u00b7<code>delete \ubc88\ud638<\/code>(\ubc88\ud638\ub294 <code>status numbered<\/code>). SSH \uc5d4 <code>limit 22\/tcp<\/code> \ucd94\ucc9c. \ubcf4\uae30: <code>status verbose<\/code>. \uc548 \uc4f0\ub294 \ud3ec\ud2b8\ub294 \uc5f4\uc9c0 \ub9d0 \uac83.<\/div>\n\n  <div class=\"roadmap\">\n    <h3>\uc2dc\ub9ac\uc988 \ud750\ub984<\/h3>\n    <ol>\n      <li>1~14\ud3b8 \uc785\ubb38\u00b7\uae30\ucd08\u00b7vim\u00b7\ud504\ub85c\uc138\uc2a4 \u2714 &nbsp; 15\ud3b8 \ub514\uc2a4\ud06c \u2714 &nbsp; 16\ud3b8 \ub124\ud2b8\uc6cc\ud06c \u2714<\/li>\n      <li><strong>17\ud3b8 \u2014 \uc6b0\ubd84\ud22c \ubc29\ud654\ubcbd ufw (\uc774 \uae00) \u2714<\/strong><\/li>\n      <li>18\ud3b8 \u2014 SSH \ud0a4 \uc124\uc815 (\uc6d0\uaca9 \uc811\uc18d\uc744 \ube44\ubc88 \uc5c6\uc774\u00b7\uc548\uc804\ud558\uac8c \u2014 22\ubc88 \ud3ec\ud2b8\ub97c \uc81c\ub300\ub85c \uc4f0\ub294 \ubc95)<\/li>\n      <li>19\ud3b8~ \u2014 systemd \uc11c\ube44\uc2a4 \/ cron \/ \uc178 \uc2a4\ud06c\ub9bd\ud2b8 \u2026<\/li>\n    <\/ol>\n  <\/div>\n  <p>\uc624\ub298 \ud560 \uc77c(\uac00\uc0c1 \uba38\uc2e0\uc5d0\uc11c!): <code>sudo ufw status<\/code>\ub85c \ud604\uc7ac \uc0c1\ud0dc \ubcf4\uace0 \u2192 <code>sudo ufw allow OpenSSH<\/code> \u2192 <code>sudo ufw enable<\/code> \u2192 <code>sudo ufw status numbered<\/code>\ub85c \uaddc\uce59 \ud655\uc778 \u2192 <code>sudo ufw allow 8080\/tcp<\/code> \ucd94\uac00\ud588\ub2e4\uac00 \u2192 <code>sudo ufw delete<\/code>\ub85c \uc9c0\uc6cc\ubcf4\uae30 \u2192 <code>sudo ufw disable<\/code>. &#8220;\ud3ec\ud2b8\ub97c \uc5f4\uace0 \ub2eb\ub294\ub2e4&#8221;\ub294 \uac10\ub9cc \uc7a1\uc73c\uba74 \ub429\ub2c8\ub2e4. 18\ud3b8\uc5d0\uc11c \ub9cc\ub098\uc694. (ufw \uc804\uccb4\ub294 <code>man ufw<\/code> \ub610\ub294 <a href=\"https:\/\/ubuntu.com\/server\/docs\/firewalls\" target=\"_blank\" rel=\"noopener\">\uc6b0\ubd84\ud22c \uacf5\uc2dd \ubc29\ud654\ubcbd \ubb38\uc11c<\/a>.)<\/p>\n\n  <div class=\"cta\">\n    <h3>\uc6b0\ubd84\ud22c\u00b7\ub9ac\ub205\uc2a4 \uc785\ubb38 \uc2dc\ub9ac\uc988<\/h3>\n    <p>\uc774\uc81c \uc5b4\ub290 \ubb38\uc744 \uc5f4\uace0 \ub2eb\uc744\uc9c0 \uc815\ud569\ub2c8\ub2e4. 18\ud3b8 &#8220;SSH \ud0a4 \uc124\uc815&#8221;\uc73c\ub85c \uc774\uc5b4\uc9d1\ub2c8\ub2e4.<\/p>\n    <p>\ub2e4\uc74c \ud3b8\uc740 <a href=\"https:\/\/junai.ai\/blog\/\" target=\"_blank\" rel=\"noopener\">JUNAI \ube14\ub85c\uadf8<\/a>\uc5d0\uc11c \uc774\uc5b4 \ubcf4\uc138\uc694.<\/p>\n  <\/div>\n\n<\/article>\n<\/div>\n\n<footer>\n  <div class=\"wrap\">\u00a9 2026 JUNAI \u00b7 \uc6b0\ubd84\ud22c\u00b7\ub9ac\ub205\uc2a4 \uc785\ubb38 \uc2dc\ub9ac\uc988 17\ud3b8 \u00b7 \ubcf8 \uae00\uc740 2026\ub144 5\uc6d4 13\uc77c \uae30\uc900\uc73c\ub85c \uc791\uc131\ub418\uc5c8\uc2b5\ub2c8\ub2e4.<\/div>\n<\/footer>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>ufw \ubc29\ud654\ubcbd \u2014 enable\u00b7status, allow\u00b7deny\ub85c \ud3ec\ud2b8 \uc5f4\uace0 \ub2eb\uae30, \ud2b9\uc815 IP\ub9cc \ud5c8\uc6a9, SSH \uc7a0\uae40 \ubc29\uc9c0\uae4c\uc9c0. \ub9ac\ub205\uc2a4 \uc785\ubb38 17\ud3b8.<\/p>\n","protected":false},"author":1,"featured_media":176,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14],"tags":[],"class_list":["post-189","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ubuntu-linux"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/posts\/189","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/comments?post=189"}],"version-history":[{"count":0,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/posts\/189\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/media\/176"}],"wp:attachment":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/media?parent=189"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/categories?post=189"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/tags?post=189"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}