The Ubuntu Firewall (UFW) is an extremely easy to use command-line firewall utility that interfaces with IPTables to make firewall configuration easy.
A firewall is an essential part of any network. Few things are as effective in ensuring a system’s security than a firewall that has been configured properly.
In this tutorial, we will understand how Ubuntu Firewall UFW works. Later, we will learn some important UFW commands which are essential for all Linux users.
Table of Contents
- 1 Installing Ubuntu Firewall UFW
- 2 Basics of UFW
- 3 Understanding the Ubuntu Firewall UFW
- 4 Modifying the Ubuntu Firewall
- 5 Conclusion
Installing Ubuntu Firewall UFW
The Ubuntu firewall ufw comes as a default installation on Ubuntu distributions. However, if it is not present for some reason, install it using the following command.
sudo apt install ufw
Basics of UFW
UFW or Uncomplicated Firewall is the default Ubuntu Firewall manager. As the name suggests, it is an uncomplicated firewall configuration tool for people who are unfamiliar with firewall concepts.
Ubuntu firewall UFW makes things easier for users as working with iptables can be tough for many beginners and so, UFW acts as an easy to use interface.
With its IPv4 and IPv6 support, UFW provides users with a simple yet powerful tool to configure their firewall.
Understanding the Ubuntu Firewall UFW
One thing that people often assume is that UFW is the Ubuntu Firewall. The truth, however, is that UFW is not a firewall. It is a tool that allows you to manage and configure your firewall.
It does so by setting up and modifying iptables for you. All you need to do is to run the desired commands through the UFW interface.
The commands for UFW are user friendly and easy to remember, even for beginners. This is another reason why UFW is a much-loved tool among Ubuntu users.
It helps you set up your firewall without risking your system security, even if you don’t have detailed knowledge of iptables.
Let us explore the most basic UFW commands to interact with our Ubuntu firewall.
To use your firewall, you need to enable it on your system using the ufw command. Typing the following command in your terminal will enable the firewall on your system.
sudo ufw enable
The firewall can be disabled in a similar manner using the following command.
sudo ufw disable
Checking Ubuntu Firewall UFW status
It is important to be able to know the status of your firewall for security reasons. This can be done through the following ufw command.
sudo ufw status
As you can see in the screenshot above, you will see a list of services along with the port that they are allowed through.
Modifying the Ubuntu Firewall
In the previous section, we learnt how to do basic interaction with our firewall. Now, we will discuss some commands which can be used to modify our firewall settings. The UFW commands can be used to configure our Ubuntu Firewall.
Allowing a service through Firewall
The first UFW command we will discuss will be used to allow service through our firewall. Let us allow ssh connections through our firewall. This will allow our Ubuntu-based system to allow incoming ssh connections. Run the below command.
sudo ufw allow ssh
Note that you can replace the service name with a port number to allow communications through that port. To enable HTTP communication (which is at port 80) through the firewall, we can use this command.
sudo ufw allow 80
Denying a service through Firewall
Like allowing services through the firewall is essential for communication, denying services is required to prevent unwanted access for an external source to contact to your system.
Let us use port 80 again for this example. A port can be denied as follows.
sudo ufw deny 80
Note that just like the previous example, the port number can be replaced by the name of a service based on our requirements.
Allowing a port range through Firewall
Some applications use more than just a single port. This means that you need to have multiple active ports in such instances.
Hence we will open the port range from 30000 to 31000 to listen for passive FTP connections. This can be done using the following command.
sudo ufw allow 30000:31000/tcp
Deleting a Firewall rule
Sometimes you have an issue with a rule, or you just no longer need it. In this case, we can delete a rule. To delete a rule using UFW, you can use the following commands. In the first method, we use the status command in a numbered format. Then we delete the rule by specifying it’s number. This can be done as shown below.
sudo ufw status numbered sudo ufw delete <number>
Resetting Firewall configurations
If you wish to get your firewall to its original configuration, deleting each rule individually is a tiring task. Hence, it is better to reset the Ubuntu Firewall. To reset your Firewall, enter the command in your terminal as shown below.
sudo ufw reset
As you can see in the above screenshot, the rules are backed up and then deleted.
UFW is one of the most essential Ubuntu tools. It massively decreases the complexity of setting up the Ubuntu firewall. The commands are easy to remember and simple to execute.
The user-friendly interface helps users easily make their configurations without having to delve into the complexities of iptables.
This tutorial aimed to help you understand the Ubuntu Firewall and learn the commands to set up your firewall configurations. There are more commands which can allow you to allow specific addresses, or a subnet, to your system.
Make sure to explore them to learn more. If you have any feedback, queries, or suggestions, feel free to reach out to us in the comments below.