ufw Firewall Usage on Ubuntu
I am referring to your Linux system’s firewall. If you’re running Ubuntu, then the system’s firewall configuration tool, ufw, is what we use.
In this simple tutorial, I’m gonna show you, in just a few easy steps, just how simple it is to make your Ubuntu Linux system that little bit more secure.
If you’re using Ubuntu, then ufw (Uncomplicated Firewall) is already installed by default, yet it remains disabled by default. To check the current status of ufw, do this:
% sudo ufw status
status: inactive
If it’s disabled, just perform this simple command to enable your firewall:
% sudo ufw enable
Firewall is active and enabled on system startup
And now repeat the status command and you should now see this:
Now, I’m sure you’re all aware that firewalls handle network traffic via ports. Once enabled, ufw applies a default set of rules which should be enough to handle most home users’ needs. But for the more advanced users, you might want to know how to allow traffic access to a specific port. This is essential if you’re running a torrent client, FTP server, Telnet/SSH server or Apache.
To allow/open a specific port number in ufw, do this:
% sudo ufw allow 21
This will open port 21 in ufw and allow traffic through this port. Port 21 is used for FTP traffic and must be open if you’re running an FTP server through the default port.
Say that you want access to your system via Telnet or SSH. That can easily be done by using the same command, but changing the port number.
For SSH, use port 22:
% sudo ufw allow 22
Or for Telnet, use port 23:
% sudo ufw allow 23
That’s all you have to do to allow traffic through a set port.
But what if you want to ensure a specific port number is blocked? That’s just as easy as opening up the port:
% sudo ufw deny 21
Or you can also block access to Telnet and SSH ports for extra security for your system if you don’t use those ports:
% sudo ufw deny 22
% sudo ufw deny 23
It’s exactly the same command; you are simply replacing the allow argument with a deny argument so that ufw understands what you are telling it to do.
What if you make a mistake and enter the wrong port number or allow/deny rule? Thankfully, ufw makes it very easy to delete a specific rule, although it’s a little more fiddly. But only slightly!
To list your current rules, we simply run the status command from the very beginning of this tutorial:
% sudo ufw status
Status: active
To                         Action      From
--                         ------      ----
21                         DENY        Anywhere
22                         DENY        Anywhere
23                         DENY        Anywhere
21                         DENY        Anywhere (v6)
22                         DENY        Anywhere (v6)
23                         DENY        Anywhere (v6)
Looking at the output above, as an example, if we wanted to allow traffic through port 21 instead of denying it, we just delete the current rule by doing the following:
% sudo ufw delete deny 21
And now when we repeat the status command, we see the rule has now been removed:
% sudo ufw status
Status: active
To                         Action      From
--                         ------      ----
22                         DENY        Anywhere
23                         DENY        Anywhere
22                         DENY        Anywhere (v6)
23                         DENY        Anywhere (v6)
And now we can allow the traffic through port 21 as we originally intended:
% sudo ufw allow 21
And now check to see our changes:
% sudo ufw status
Status: active
To                         Action      From
--                         ------      ----
22                         DENY        Anywhere
23                         DENY        Anywhere
21                         ALLOW       Anywhere
22                         DENY        Anywhere (v6)
23                         DENY        Anywhere (v6)
21                         ALLOW       Anywhere (v6)
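Once you have a few rules in place, it helps to review which ports are open to everyone. The script below is an added example, not part of the original tutorial or of ufw itself: it reads plain (non-verbose) `ufw status` output and lists every ALLOW rule open to Anywhere, marking ports 21 and 23 because FTP and Telnet send credentials in cleartext. The function names `audit_ufw` and `sample_status` are made up for this example, and the sample input is constructed.

```shell
#!/bin/sh
# Added example: flag ALLOW rules in `ufw status` output that are open to Anywhere.
# Usage on a real system (status text is read from stdin): sudo ufw status | audit_ufw

# Constructed sample input, in the same layout as the status output in this tutorial.
sample_status() {
    cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22                         DENY        Anywhere
23                         DENY        Anywhere
21                         ALLOW       Anywhere
22                         DENY        Anywhere (v6)
23                         DENY        Anywhere (v6)
21                         ALLOW       Anywhere (v6)
EOF
}

# Prints one line per finding.
# Returns 0 = nothing open to Anywhere, 1 = findings, 2 = firewall not active.
audit_ufw() {
    awk '
        tolower($1) == "status:" { active = ($2 == "active"); next }
        {
            # Locate the Action column; the To and From columns may contain spaces.
            a = 0
            for (i = 2; i < NF; i++) if ($i == "ALLOW") { a = i; break }
            if (!a) next
            to = $1;       for (j = 2; j < a; j++)       to = to " " $j
            from = $(a+1); for (j = a + 2; j <= NF; j++) from = from " " $j
            if (from !~ /^Anywhere/) next
            # Strip "/tcp" or " (v6)" to get the bare port number.
            port = to; sub("[/ ].*", "", port)
            # Assumption: 21 and 23 carry FTP and Telnet, as in this tutorial.
            note = (port == "21" || port == "23") ? " (cleartext protocol)" : ""
            printf "OPEN %s from %s%s\n", to, from, note
            found = 1
        }
        END {
            if (!active) { print "INACTIVE firewall is not enabled"; exit 2 }
            exit (found ? 1 : 0)
        }
    '
}
```

A non-zero return value makes the function easy to use from a cron job or a login script that should warn you when something is left open.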
Now that we’ve covered the basics of using ufw to protect your Ubuntu Linux system, it’s also important to know how to disable ufw for troubleshooting at some point.
To disable the firewall, do this:
% sudo ufw disable
Firewall stopped and disabled on system startup
But remember to re-enable the firewall once you have finished troubleshooting the network as leaving it open/disabled is very insecure.
Ubuntu maintains a very good documentation page which covers ufw in more depth. I’ve just covered the basics here, which should actually be enough for most beginner-advanced users. It’s always good to know what you can do with ufw. Read the full documentation here: https://help.ubuntu.com/community/UFW
And don’t forget, you can always check the man pages:
% man ufw