Configure Ubuntu Firewall: A Step-by-Step Guide

Understanding Ubuntu's Firewall: Ufw
Ubuntu incorporates a built-in firewall solution called ufw, which stands for "uncomplicated firewall." This tool serves as a more accessible interface for managing the underlying iptables commands common in Linux systems.
Administrators can manage ufw not only through the command line but also via a graphical user interface, enhancing usability.
Simplified Firewall Management
The primary goal of Ubuntu’s firewall is to provide a straightforward method for executing fundamental firewall operations without requiring in-depth knowledge of iptables.
While ufw doesn’t encompass the full range of capabilities found in standard iptables, its reduced complexity makes it ideal for many common scenarios.
It allows users to quickly configure rules for allowing or denying network traffic.
Key Benefits of Ufw
- Ease of Use: A simplified command structure compared to iptables.
- Accessibility: Control via both command line and GUI.
- Basic Protection: Provides essential firewall functionality for typical use cases.
Ufw is a practical solution for users who need a functional firewall without the steep learning curve associated with more advanced tools.
Utilizing the Terminal for Firewall Management
By default, the firewall is not activated. To initiate firewall protection, execute the subsequent command within a terminal window:
sudo ufw enable
The firewall does not have to be enabled immediately: rules can be added while it is still inactive.
Once the desired configuration is complete, the firewall can then be enabled.

Utilizing Firewall Rules
Consider a scenario where enabling SSH traffic on port 22 is required. Any of the following commands achieves this.
sudo ufw allow 22
Permits traffic on port 22 using both TCP and UDP; less secure if UDP isn't needed.
sudo ufw allow 22/tcp
Specifically allows TCP traffic on the designated port.
sudo ufw allow ssh
Consults the /etc/services file to determine the port SSH uses, then grants access. This file contains entries for numerous standard services.
By default, Ufw configures rules for inbound connections. However, the direction of traffic can be explicitly defined. For instance, to prevent outgoing SSH connections, the following command is used:
sudo ufw reject out ssh
The currently active rules can be inspected using this command:
sudo ufw status

To remove a rule, insert the word 'delete' after ufw in the original command. As an example, to cease blocking outgoing SSH traffic, execute:
sudo ufw delete reject out ssh
Ufw supports the creation of sophisticated rules through its flexible syntax. For example, the following rule blocks TCP traffic originating from the IP address 12.34.56.78 and targeting port 22 on the local machine:
sudo ufw deny proto tcp from 12.34.56.78 to any port 22
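An added example that is not part of the original article: ufw evaluates rules in order and stops at the first match, so the deny rule above only takes effect if it sits before any broader allow for port 22 (place it first with sudo ufw insert 1 deny proto tcp from 12.34.56.78 to any port 22). The script below reads constructed sudo ufw status numbered output and flags both that ordering problem and the TCP-plus-UDP allow discussed earlier; the rule numbers and sample text are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added audit helper, not part of the original article: reads the output of
# "sudo ufw status numbered" on stdin and flags two mistakes the rules above invite.
# The status text below is constructed for offline use.

UFW_STATUS_SAMPLE='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22                         ALLOW IN    Anywhere
[ 2] 22/tcp                     DENY IN     12.34.56.78
[ 3] 80/tcp                     ALLOW IN    Anywhere
[ 4] 443/tcp                    ALLOW IN    Anywhere
[ 5] 22 (v6)                    ALLOW IN    Anywhere (v6)'

# Prints one finding per line; prints nothing when the rule set is clean.
audit_ufw_status() {
    awk '
    /^\[/ {
        match($0, /[0-9]+/); idx = substr($0, RSTART, RLENGTH)   # rule number
        line = $0; sub(/^\[ *[0-9]+\] */, "", line)
        nf = split(line, f, / +/)
        to = f[1]; i = 2
        if (f[i] == "(v6)") { to = to " (v6)"; i++ }
        action = f[i]; i++
        dir = "IN"
        if (f[i] == "IN" || f[i] == "OUT") { dir = f[i]; i++ }
        from = f[i]; for (j = i + 1; j <= nf; j++) from = from " " f[j]
        if (dir != "IN") next
        port = to; sub(/\/(tcp|udp)/, "", port)               # "22/tcp" -> "22"
        # 1. A bare port number ("ufw allow 22") opens TCP and UDP alike.
        if (action == "ALLOW" && port == to && port ~ /^[0-9]+( \(v6\))?$/)
            printf "rule %s: port %s allowed for tcp and udp; prefer %s/tcp\n", idx, port, port
        # 2. ufw stops at the first matching rule, so a DENY listed after a
        #    broader ALLOW on the same port never fires.
        if ((action == "DENY" || action == "REJECT") && from !~ /^Anywhere/) {
            hit = (to in allow) ? allow[to] : ((port in allow) ? allow[port] : "")
            if (hit != "")
                printf "rule %s: deny from %s on %s is shadowed by allow rule %s; re-add it with \"ufw insert %s\"\n", idx, from, to, hit, hit
        }
        if (action == "ALLOW" && from ~ /^Anywhere/) allow[to] = idx
    }'
}

printf '%s\n' "$UFW_STATUS_SAMPLE" | audit_ufw_status
```

On a live system, replace the sample with sudo ufw status numbered | audit_ufw_status.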
The firewall can be reverted to its initial configuration with this command:
sudo ufw reset

Application Profiles
Certain applications that necessitate open ports are often accompanied by pre-configured ufw profiles, simplifying the process. To identify the application profiles present on your system, execute this command:
sudo ufw app list
This command will display a list of available profiles.
Detailed information regarding a specific profile, including its associated rules, can be obtained using the following command:
sudo ufw app info Name
Replace "Name" with the actual name of the profile you wish to inspect.
Enabling an application profile is achieved through the ufw allow command:
sudo ufw allow Name
This action permits traffic associated with the specified application profile through the firewall.
Further Details
By default, logging is deactivated. However, logging can be activated to display firewall messages within the system log.
sudo ufw logging on
Comprehensive details are available through the man ufw command, which accesses the ufw manual.
Enabling Logging
The Uncomplicated Firewall (ufw) does not record events automatically. To begin capturing firewall activity, logging must be explicitly turned on.
Accessing Documentation
Should you require a more in-depth understanding of ufw’s functionalities, the manual page provides extensive documentation.
- To view the manual, execute the following command in your terminal: man ufw.
- This will present a detailed guide to all available options and configurations.
Utilizing system logging allows for detailed analysis of firewall events, aiding in troubleshooting and security monitoring.
Remember that enabling logging can generate a significant amount of data, so consider disk space and log rotation policies.
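An added example, not from the article: once logging is on, blocked packets appear in the system log as kernel lines prefixed [UFW BLOCK] with SRC=, DST=, PROTO= and DPT= fields. The shell functions below summarise such lines from constructed sample input (RFC 5737 documentation addresses, a hypothetical host name) so a defender can see which sources and ports are being probed.

```shell
#!/bin/sh
# Added example, not part of the original article: summarise [UFW BLOCK] entries
# after "sudo ufw logging on". The log lines are constructed (RFC 5737
# documentation addresses) to mimic the kernel LOG format ufw writes to syslog.

UFW_LOG_SAMPLE='Mar 10 12:00:01 host kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.5 DST=192.0.2.10 LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=TCP SPT=51234 DPT=22 WINDOW=1024 RES=0x00 SYN URGP=0
Mar 10 12:00:02 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=40 PROTO=TCP SPT=51235 DPT=23 SYN URGP=0
Mar 10 12:00:03 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=40 PROTO=TCP SPT=51236 DPT=3389 SYN URGP=0
Mar 10 12:00:04 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 PROTO=UDP SPT=4000 DPT=53
Mar 10 12:00:05 host kernel: [UFW ALLOW] IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 LEN=40 PROTO=TCP SPT=40000 DPT=22 SYN URGP=0
Mar 10 12:00:06 host sshd[812]: Accepted publickey for ops from 198.51.100.9 port 40000'

# Usage: ufw_block_summary FIELD   (FIELD is SRC, DPT or PROTO); log on stdin.
# Prints "<count> <value>" lines, most frequent first; ALLOW lines are ignored.
ufw_block_summary() {
    awk -v key="$1" '
    /\[UFW BLOCK\]/ {
        for (i = 1; i <= NF; i++) {
            n = index($i, "=")
            if (n > 0 && substr($i, 1, n - 1) == key) { count[substr($i, n + 1)]++; break }
        }
    }
    END { for (v in count) printf "%d %s\n", count[v], v }' | sort -rn
}

# Sources blocked on at least MIN distinct destination ports: a port-scan heuristic.
ufw_scan_suspects() {
    awk -v min="$1" '
    /\[UFW BLOCK\]/ {
        src = ""; dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/) src = substr($i, 5)
            if ($i ~ /^DPT=/) dpt = substr($i, 5)
        }
        if (src != "" && dpt != "" && !((src, dpt) in seen)) { seen[src, dpt] = 1; ports[src]++ }
    }
    END { for (s in ports) if (ports[s] >= min) print s, ports[s] }'
}

printf '%s\n' "$UFW_LOG_SAMPLE" | ufw_block_summary SRC
printf '%s\n' "$UFW_LOG_SAMPLE" | ufw_scan_suspects 3
```

On a real host, feed the functions with journalctl -k or /var/log/ufw.log instead of the sample.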
GUFW: A Graphical User Interface for UFW
GUFW functions as a graphical front-end for the Uncomplicated Firewall (ufw) tool. While Ubuntu doesn't natively include a graphical interface for firewall management, GUFW is readily available within Ubuntu's software repositories for installation.
Installation is achieved through the following command:
sudo apt-get install gufw
Once installed, GUFW is accessible via the Dash application launcher, identified as "Firewall Configuration." Mirroring the simplicity of ufw itself, GUFW delivers an intuitive and user-friendly interface.
Managing Firewall Settings
Through GUFW, users can effortlessly enable or disable the firewall. Control over the default policy governing incoming and outgoing network traffic is also provided. Furthermore, the interface facilitates the addition of customized firewall rules.

The rules editor within GUFW allows for the creation of both straightforward and complex firewall rules, offering flexibility in network security configuration.

It’s important to acknowledge that ufw has limitations. For more advanced or intricate firewall configurations, direct interaction with iptables will be necessary.