1. 设置默认策略

ufw reset
ufw default deny incoming
ufw default allow outgoing

2. 允许 SSH、HTTP、HTTPS

ufw allow from 192.168.5.0/24 to any port 22
ufw allow from 192.168.5.125 to any port 9100
ufw allow 8100,8200,80,443

3. 启用防火墙

ufw enable
ufw status numbered