Charybdis: to be exact, these are not application-based firewalls. They don't filter communication between programs (which program launches which other one, etc.); as far as I vaguely remember, mostly because here programs don't call each other directly, these things all go to the kernel, and it handles every such thing. But someone who knows better will explain it properly. :) Though I'd immediately contradict myself too. man ufw:
APPLICATION INTEGRATION
ufw supports application integration by reading profiles located in /etc/ufw/applications.d. To list the names of application profiles known to ufw, use:
ufw app list
Users can specify one of the application names when adding rules. For example, when using the simple syntax, users can use:
ufw allow <name>
Or for the extended syntax:
ufw allow from 192.168.0.0/16 to any app <name>
You should not specify the protocol with either syntax, and with the extended syntax, use app <name> in place of the port clause.
Details on the firewall profile for a given application can be seen with:
ufw app info <name>
where ’<name>’ is one of the applications seen with the app list command. Users may also specify all to see the profiles for all known applications.
After creating or editing an application profile, users can run:
ufw app update <name>
This command will automatically update the firewall with updated profile information. If ’all’ is specified for name, then all the profiles will be updated. To update a profile and add a new rule to the firewall automatically, users can run:
ufw app update --add-new <name>
The behavior of the update --add-new command can be configured using:
ufw app default <policy>
The default application policy is skip, which means that the update --add-new command will do nothing. Users may also specify a policy of allow or deny so the update --add-new command may automatically update the firewall.
WARNING: it may be a security risk to use a default allow policy for application profiles. Carefully consider the security ramifications before using a default allow policy.
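To make concrete what an "app <name>" clause stands for, here is an added example (not part of the post or of ufw itself) that parses a profile in the /etc/ufw/applications.d format and expands it into the equivalent port-based extended-syntax rules. The profile text is constructed for illustration; the ports field syntax (pipe-separated groups, each a comma list of ports or low:high ranges with one protocol) is the one ufw profiles use.

```python
import configparser
import re

# Constructed sample profile; a real one would live in /etc/ufw/applications.d/<file>.
SAMPLE_PROFILE = """\
[Web Stack]
title=Web stack
description=HTTP, HTTPS and one UDP discovery port
ports=80,443/tcp|5353/udp
"""

PORT_RE = re.compile(r"^\d+(:\d+)?$")  # single port or low:high range


def parse_profile(text):
    """Return {app_name: [(ports, proto), ...]} for every section in a profile.

    Each '|'-separated group must carry exactly one protocol suffix; every port
    or range in the group is validated so a malformed profile fails loudly
    instead of silently opening the wrong thing.
    """
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    result = {}
    for app in cp.sections():
        if "ports" not in cp[app]:
            raise ValueError(f"{app}: profile has no ports field")
        groups = []
        for group in cp[app]["ports"].split("|"):
            ports, sep, proto = group.rpartition("/")
            if not sep or proto not in ("tcp", "udp"):
                raise ValueError(f"{app}: group {group!r} needs a /tcp or /udp suffix")
            for entry in ports.split(","):
                if not PORT_RE.match(entry):
                    raise ValueError(f"{app}: bad port entry {entry!r}")
                lo, _, hi = entry.partition(":")
                lo, hi = int(lo), int(hi or lo)
                if not (1 <= lo <= hi <= 65535):
                    raise ValueError(f"{app}: port range {entry!r} out of bounds")
            groups.append((ports, proto))
        result[app] = groups
    return result


def expand_rules(profiles, src="192.168.0.0/16"):
    """Translate each profile group into the extended-syntax rule it is shorthand for."""
    return [f"ufw allow from {src} to any port {ports} proto {proto}"
            for groups in profiles.values() for ports, proto in groups]
```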