Quick Tutorial: How to Configure the Uncomplicated Firewall on Linux
Uncomplicated Firewall or ufw, is a simple and easy way of configuring network rules on your Linux-based system. This tutorial tells the user how to configure the Uncomplicated Firewall (ufw) on Linux to reduce the attack surface. A firewall is the first line of defense to remove large attack vectors if configured correctly. iptables is another option that can be used on Linux to configure firewall rules.
ufw is preinstalled on Ubuntu flavor, if not installed use below command for installation:
sudo apt install ufw
(1) Identify the status of ufw with superuser permission
sudo ufw status
(2) If disable, use ufw enable command to enable it. Remember to run command with sudo.
sudo ufw enable
(3) Block every traffic that is coming inside
sudo ufw default deny incoming
(4) Allow everything which is going outside
sudo ufw default allow outgoing
(5) To check status of ufw
sudo ufw status verbose
(6) Allow traffic to specific port
sudo ufw allow 8000/tcp
(7) Deny traffic to specific port
sudo ufw delete allow 8000/tcp
(8) Enable logging
sudo ufw logging on
(9) To block traffic from specific IP
sudo ufw deny from 10.18.23.21
(10) To allow range of tcp ports
sudo ufw allow 2000:3000/tcp
(11) To allow range of udp ports
sudo ufw allow 2000:3000/udp
(12) To delete specific rule
Two options available, you can delete it by motioning protocol name
sudo ufw delete allow ssh
You can delete it by using numbering of rules by using below command and then use number to delete particular rule
sudo ufw status numbered
sudo ufw delete 2
(13) To turn off ufw
sudo ufw disable
(14 To reset ufw - going back to initial state
sudo ufw reset
(15) If you need to see more options, just check manual
ufw is easy to configure and very effective firewall. If you are not using it, use it and comment if encountered any other command which I missed it in this tutorial.
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.