UFW vs IPTables?

Discussion in 'BungeeCord Help' started by SrMentz, May 18, 2019.

  1. Would you like to know which one you could be safer with? What if you could put the two together or is it unnecessary to use them together?
    • Informative Informative x 1
  2. ufw uses iptables, just with simple commands
  3. So it's practically the same but designed to be simpler.
  4. Have iptables, then use ufw for easy and quick setup of things.

    If you ever need anything really specific, you can just iptables the long strings in and works fine.
  5. I've been reading and they say that some people can bypass the IPTables method. How true is that?
  6. Untrue. As long as you setup your IPTables correctly, it cannot be bypassed or exploited.
    • Agree Agree x 1
  7. I am currently thinking of following the spigot bungee guide. But I do not know if I could only edit the example script or if I should follow the previous commands apart from the script. I mean, could it just work if I modify the script for my server? or necessarily I also need to do the previous steps of the part that says "
    Firewalling with iptables "I do not understand the truth because in the script there are some changes different from those of the previous steps and that leaves me in doubt if I have to follow the normal steps or use the script (modified)
  8. electronicboy

    IRC Staff

    ufw is a wrapper for iptables, it offers a set of simplier commands in order to interact with iptables;

    Iptables is perfectly fine, just commands are verbose and you don't have this thing above you that's going to baby you, iptable commands are more raw, but you're working directly with iptables vs a wrapper, major issue I had with ufw was that the chaining it used often just lead to messy ufw rules.

    It really boils down to your familiarity with iptables, if you're not aware of it ufw should be fine, but I've had enough headaches from it I'd rather not go near it, but at the same point, I don't remember the iptables manual off the back of my hand, but the real complexity is understanding how to chain rules etc properly for your needs
    • Agree Agree x 1