ufw Firewall Usage on Ubuntu
There’s an important piece of software sitting on your computer that you are probably completely unaware that it’s even there. Or you simply take it for granted. One of the two.
I am referring to your Linux system’s firewall. If you’re running Ubuntu, then the systems firewall configuration tool, ufw is what we use.
In this simple tutorial, I’m gonna show you with just a few easy steps, just how simple it is to make your Ubuntu Linux system that little bit more secure.
If you’re using Ubuntu, then ufw (Uncomplicated Firewall) is already installed by default, yet it remains disabled by default. To check the current status of ufw, do this:
% sudo ufw status status: inactive
If it’s disabled, just perform this simple command to enable your firewall:
% sudo ufw enable Firewall is active and enabled on system startup
And now repeat the status command and you should now see this:
Now, I’m sure you’re all aware that firewalls handle network traffic via ports. By default, once enabled, ufw sets a default set of rules which should be enough to handle most home user’s needs. But for the more advanced users, you might want to know how to allow traffic access to a specific port. This is essential if you’re running a torrent client, FTP server, Telnet/SSH server or Apache.
To allow/open a specific port number in ufw, do this:
% sudo ufw allow 21
This will open port 21 in ufw and allow traffic through this port. Port 21 is used for FTP traffic and must be open if you’re running a FTP server through the default port.
Say that you want access to your system via Telnet or SSH. That can easily be done by using the same command, but changing the port number.
For SSH, use port 22:
% sudo ufw allow 22
Or for Telnet, use port 23:
% sudo ufw allow 23
That’s all you have to do to allow traffic through a set port.
But what if you want to ensure a specific port number is blocked? That’s just as easy as opening up the port:
% sudo ufw deny 21
Or you can also block access to Telnet and SSH ports for extra security for your system if you don’t use those ports:
% sudo ufw deny 22
% sudo ufw deny 23
It’s exactly the same command(s), you are simply replacing the allow argument with a deny argument for ufw to understand what you are telling it to do.
What if you make a mistake and enter the wrong port number or allow/deny rule? Thankfully, ufw makes things very easy to delete a specific rule. Although, it’s a little more fiddly. But only slightly!
To list your current rules, we simply perform the command at the very beginning of this tutorial:
% sudo ufw status Status: active To Action From -- ------ ---- 21 DENY Anywhere 22 DENY Anywhere 23 DENY Anywhere 21 DENY Anywhere (v6) 22 DENY Anywhere (v6) 23 DENY Anywhere (v6)
Looking above, as an example if we wanted to allow traffic through port 21 instead of denying it, we just delete the current rule by doing the following:
% sudo ufw delete deny 21
And now when we repeat the status command, we see the rule has now been removed:
% sudo ufw status Status: active To Action From -- ------ ---- 22 DENY Anywhere 23 DENY Anywhere 22 DENY Anywhere (v6) 23 DENY Anywhere (v6)
And now we can add allow the traffic through port 21 as we originally intended:
% sudo ufw allow 21
And now to check to see our changes:
% sudo ufw status Status: active To Action From -- ------ ---- 22 DENY Anywhere 23 DENY Anywhere 21 ALLOW Anywhere 22 DENY Anywhere (v6) 23 DENY Anywhere (v6) 21 ALLOW Anywhere (v6)
Now that we’ve covered the basics of using ufw to protect your Ubuntu Linux system, it’s also important to know how to disable ufw for troubleshooting at some point.
To disable the firewall, do this:
% sudo ufw disable Firewall stopped and disabled on system startup
But remember to re-enable the firewall once you have finished troubleshooting the network as leaving it open/disabled is very insecure.
Ubuntu maintain a very good documentation page which covers ufw in more depth. I’ve just covered the basics here which should actually be enough for most beginner-advanced users. It’s always good to know what you can do with ufw. Read the full documentation here https://help.ubuntu.com/community/UFW
And don’t forget, you can always check the man pages:
% man ufw
Like us on Facebook
We need your assistance to stay live
This week Top Posts
- Top Things To Do After Installing Ubuntu 13.10 'Saucy Salamander' : Ubuntu 13.10 Saucy Salamander will be released on coming October 17th with many new salient featur...0 comments |
- Install Fail2Ban On Ubuntu Server 13.04/13.10 : Introduction Fail2Ban is an intrusion prevention framework written in the Python programming l...0 comments |
- 5 Android Apps that’s Going to Make Running Your Business Less Stressful : Running a business can be very stressful. You have to think about team collaboration, making sure th...0 comments |
- install Git in Ubuntu : Git is a distributed revision control system with an emphasis on speed. Git was initially designed a...0 comments |
- Install Corosync and Pacemaker On CentOS 6.5 : I will show you in this tutorial how to install your first cluster Corosync and the Linux Cluster Ma...0 comments |
- Install Crashplan backup tool in Linux : CashPlan is an automated backup solution that either uses the CrashPlan Central server or any other ...0 comments |
- 5 Android Apps that’s Going to Make Running Your Business Less Stressful
- Puppet agent Install Using Script
- Install Corosync and Pacemaker On CentOS 6.5
- Install Fail2Ban On Ubuntu Server 13.04/13.10
- How to surf using Tor Browser Bundle
- New Games got Greenlit on Linux by Steam Today!
- Linux Basics: Zypper Usage On openSUSE
- GNOME’s 3.12 supports Google Cloud Print
- How to enable 32-bit support for 64-bit Ubuntu 13.10 or greater
- How To Change Plank Dock Position in Elementary OS “Luna”
This work by unixmen.com is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.
Copyright © 2008-2013 Unixmen.com .