
A Simple Linux Firewall – ufw

Configuring a firewall rule in Ubuntu typically involves using iptables or nftables. I have written a separate article on iptables here.

What if we wanted to make life a little less involved? The answer is ufw (Uncomplicated Firewall), a user-friendly front end for managing iptables firewall rules.

Here’s how you can do it:

Step 1: Install UFW (if not already installed)

UFW usually comes pre-installed with Ubuntu. You can check this by entering:

sudo ufw status

If it’s not installed, you can install it by running:

sudo apt update
sudo apt install ufw

Step 2: Enable UFW

Before adding rules, make sure UFW is enabled:

sudo ufw enable

Step 3: Allow or Deny Specific Ports

You can allow or deny traffic through specific ports.

  • Allow a Port: To allow incoming traffic on a specific port, use the following command:

    sudo ufw allow 22

    Replace 22 with the port number you want to allow. For example, for HTTP traffic, you might allow port 80:

    sudo ufw allow 80

  • Deny a Port: To deny traffic on a specific port, use:

    sudo ufw deny 22

Step 4: Allow or Deny Services by Name

You can also allow or deny services by name, such as ssh, http, or https.

  • Allow a Service:

    sudo ufw allow ssh
    sudo ufw allow http

  • Deny a Service:

    sudo ufw deny ssh

Step 5: Allow or Deny Traffic from Specific IP Addresses

You can control traffic from specific IP addresses.

  • Allow an IP Address:

    sudo ufw allow from 192.168.1.100

    This allows traffic from the IP 192.168.1.100 on all ports.

  • Deny an IP Address:

    sudo ufw deny from 192.168.1.100

Step 6: Check the Status of UFW

To check the status and see the rules that are currently applied:

sudo ufw status

Step 7: Disable UFW (if needed)

If you need to disable the firewall for any reason, you can do so with:

sudo ufw disable

Step 8: Delete Rules

If you need to remove a rule, you can use:

sudo ufw delete allow 22

Replace allow 22 with the specific rule you want to delete.

Additional Tips

  • Advanced Rules: UFW supports more complex rules, such as allowing/denying traffic to/from specific subnets, setting up logging, or configuring rate limits.
  • Logging: To enable logging, use sudo ufw logging on.
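
The subnet, rate-limit and logging options from the tips above, combined into one baseline policy as an added example (not from the original article); the admin subnet 192.168.1.0/24 and the choice of open ports are assumptions. Because rules can be added while ufw is inactive, the script stages SSH access before enabling the firewall and refuses to apply a plan that does not.

```shell
#!/bin/sh
# Added example: stage a baseline ufw policy, check it for SSH lockout,
# then apply it. ADMIN_NET and the open ports are assumptions.
ADMIN_NET="${ADMIN_NET:-192.168.1.0/24}"   # constructed sample subnet

# Print the ufw commands in the order they will run. The subnet allow comes
# before the limit rule, so admin hosts match first and are not rate limited.
ufw_plan() {
    printf '%s\n' \
        "ufw default deny incoming" \
        "ufw default allow outgoing" \
        "ufw allow from ${ADMIN_NET} to any port 22 proto tcp" \
        "ufw limit 22/tcp" \
        "ufw allow 80/tcp" \
        "ufw allow 443/tcp" \
        "ufw logging on" \
        "ufw --force enable"
}

# Read a plan on stdin; succeed only if a rule admitting SSH (port 22 or the
# ssh service name) appears before the command that enables the firewall.
ssh_staged_before_enable() {
    _ssh_seen=1
    while IFS= read -r _line; do
        case "$_line" in
            "ufw enable"|"ufw --force enable") return "$_ssh_seen" ;;
            "ufw deny"*|"ufw reject"*|"ufw delete"*) ;;   # do not admit SSH
            *" 22"|*" 22/"*|*" 22 "*|*" ssh") _ssh_seen=0 ;;
        esac
    done
    return 1   # the plan never enables the firewall
}

# Run the plan as root, refusing if it would cut off SSH.
apply_plan() {
    ufw_plan | ssh_staged_before_enable || { echo "refusing: SSH not staged" >&2; return 1; }
    ufw_plan | while IFS= read -r _cmd; do
        sudo $_cmd || exit 1   # word splitting intended: fixed command lines
    done || return 1
    sudo ufw status verbose
}

# Default is a dry run that only prints the plan; pass --apply to execute it.
if [ "${1:-}" = "--apply" ]; then apply_plan; else ufw_plan; fi
```

Run without arguments, the script only prints the commands it would execute, so the plan can be reviewed before anything changes on the host.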

This basic guide should help you configure most firewall rules on Ubuntu using UFW.
