Home Tutorials How To Configure Firewall with UFW on Ubuntu Linux

How To Configure Firewall with UFW on Ubuntu Linux

A firewall protocol is a security system for the internet that can allow or disallow any user to enter the network. Configuring firewall on Ubuntu Linux can allow both authorized and non-authorized networks inside the core system based on your firewall configuration. The firewall scans the packet data, whether to enter the network or not. Mostly, the firewall is a security system that prevents allowing unwanted networks. The firewall creates a relation between the internal network and the public network. On Ubuntu Linux, the firewall is a physical or virtual device that monitors internet traffic and controls the incoming and outgoing traffic based on the preordained configurations.

Firewall System on Ubuntu Linux


On Ubuntu Linux, technically open ports are not available, so the chances are notably low to get a firewall attack. Nevertheless, it is always good to active the firewall on Ubuntu. As a Linux user, you should also know the working mechanism of the firewall on Ubuntu. If you use Secure Shell (SSH), Samba, Apache server, or other remote access applications, then configuring the Ubuntu firewall is a must recommended thing for you.

Because by using a firewall on your Ubuntu server or desktop, you can allow or disallow which user or IP address you want to get inside your network. You can also set the firewall configurations for a specific IP address or any port. On Ubuntu Linux, it has the host-based and network-based firewall configuration systems. In this post, we are going to learn how to configure the firewall with the Uncomplicated Firewall (UFW) on Ubuntu Linux.

Configure Firewall on Ubuntu

Step 1: Installing the UFW Firewall on Ubuntu Linux


Commonly every Linux distro has a firewall preinstalled inside the system. You need to enable and activate the feature to get all firewall privileges. You can check whether the UFW firewall is installed inside your Ubuntu Linux or not by checking the firewall version.

$ ufw --version

Furthermore, if you find no firewall is installed and configured inside your Ubuntu machine, you can install the firewall with UFW on your system. Before installing any software, it is always an excellent step to update your Ubuntu repository. Then run the apt-get the terminal command on your Ubuntu Linux to install the UFW firewall.

$ apt update
$ apt upgrade
$ sudo apt-get install ufw
$ sudo apt install ufw

Step 2: Getting Started with Firewall on Ubuntu


Once you are done installing the UFW firewall on your Ubuntu Linux, you can now check the firewall status and which applications are currently using the firewall facilities. On the status list, you will be able to see whether the UFW firewall is active or inactive and, how many web addresses are going through firewall security. You can also monitor the incoming and outgoing data packets through the UFW firewall status.

$ sudo ufw status
$ sudo ufw app list

Now, here is the option where you have access to enable, disable, and reload the firewall configuration on your Ubuntu. You may use the verbose command to get more information about your current firewall status. You will be able to check the network’s path, allotment status, and the transmission protocol of running networks.

$ sudo ufw enable
$ sudo ufw disable
$ sudo ufw reload
$ sudo ufw status verbose

Using the UFW firewall tool, you can print the list of applications going through the firewall system on your Ubuntu Linux. You may also allow the firewall permission to any specific request through the UFW firewall. To get more information about your firewall status, you need to log in to your firewall system. You can also log out whenever you want. It will not affect the UFW firewall configurations.

$ sudo ufw app list
$ sudo ufw allow 'Apache'
$ sudo ufw logging on
$ sudo ufw logging off

Step 3: Firewall Status on Ubuntu Linux


Here comes the section where you can get the actual numbered status of the UFW firewall on your Ubuntu Linux. The numbered UFW status gives you the summed up and an enlisted result of the firewall usages. From this window, you can check the firewall status, internet protocol, and network destination. You can also disallow any network form the firewall access just by deleting that specific number.

$ sudo ufw status numbered
$ sudo ufw status numbered
$ sudo ufw delete 5

Step 4: Allow or Disallow Protocols from Firewall on Ubuntu


Internet protocols are the backbone of connecting networks with each other. Your device has to go through a protocol to get connected with other networks. Furthermore, the firewall protects the protocols not to get interrupted. Ubuntu Linux has various types of internet protocols that can be controlled with the UFW firewall system.

You can allow and assigned Transmission Control Protocol (TCP) connections against a port number. Alternatively, you can also allow or disallow any specific IP address through firewall configurations on Ubuntu Linux. Besides that, you can set rules for the User Datagram Protocol (UDP) connections.

$ sudo ufw deny 56/tcp
$ sudo ufw allow from 192.168.0.1
$ sudo ufw allow 6000:6007/tcp
$ sudo ufw allow 6000:6007/udp

As we were talking about allowing or disallowing network protocols through the firewall configuration on Ubuntu Linux, here is a pretty useful and handy method to allow all the HTTP and HTTPS protocols. In the same way, you also disallow internet protocols.

Moreover, if you want to reject all the incoming requests from a specific IP address, you can do that too. On Ubuntu, the UFW firewall allows the user to assign IP addresses and ports, whether to be allowed or denied. After taking any firewall action, you need to reload the firewall configuration on Ubuntu.

$ sudo ufw allow http
$ sudo ufw allow https
$ sudo ufw allow 80/tcp
$ sudo ufw allow <port>/<optional: protocol>
sudo ufw deny <port>/<optional: protocol>
$ sudo ufw deny http
$ sudo ufw deny from 203.0.113.4
$ sudo ufw deny 3306
$ sudo ufw allow from 192.168.0.1 to any port 22
$ sudo ufw allow from 192.168.0.1 to any port 3306
$ sudo ufw reload

To allow or deny all the incoming networks and outgoing data packets, you can set specific rules to your Ubuntu UFW firewall configuration. If you are a remote system administrator, you may need to allow the SSH protocol to access your server or client’s device.

$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing
$ sudo ufw allow ssh

Step 5: IPv6 Configuration for Firewall on Ubuntu Linux


It would help if you opened the firewall configuration script using any script editor to configure the IPv6 (Internet Protocol, version 6) on Ubuntu Linux. In my case, I am using the Nano editor to edit and write an IPV6 configuration. Once the script is opened in the script editor, you must set the IPV6 to Yes. Then you may have to restart the UFW firewall by disabling and enabling the firewall configurations on your Ubuntu Linux.

$ sudo nano /etc/default/ufw
IPV6=yes
$ sudo ufw disable
$ sudo ufw enable

If you need to reconfigure all the UFW firewall configurations on your Ubuntu Linux, you can use the simple terminal commands to reset the firewall configurations on Ubuntu.

$ sudo ufw reset

Extra Tips: Installing the GUI of Firewall on Ubuntu Linux


In this step, I will describe how to install and configure the UFW firewall system on your Ubuntu Linux using the graphical user interface (GUI) method. This method is indeed very easy and straightforward to use. If you think that running terminal commands are a bit complex task for you, then feel free to use the Graphical Uncomplicated Firewall (GUFW).

The GUFW has a very smooth and clean user interface. You can toggle a switch with a mouse click to turn on or turn off the firewall. From the GUFW settings, you can monitor the protocols, add or delete rules, and check the application lists.

Allowing and denying incoming and outgoing networks are easier in GUFW than terminal command methods. Here is the download link of GUFW for Linux users. You will download options for Debian, Linux Mint, SUSE Linux and Arch Linux.

Download GUFW for Linux

Final Thoughts


Before configuring the UFW firewall on your Ubuntu Linux, you need to be sure whether the firewall system is required for you or not. And if you genuinely need to configure the firewall, you may additionally need to know which type of firewall is required to protect your Linux system. However, let me inform you that the firewall configuration cannot prevent internal network attacks and trojan attacks.

In this post, I have described how to install and configure the Firewall with UFW on Ubuntu Linux. If you are using the iptables or the ebtables for internet security monitoring, then you must know that the firewall is a very powerful daemon to protect your Linux system.

However, configuring the UFW firewall in a wrong method can block your regular internet connections and slow down your internet bandwidth. So be careful while you’re configuring the firewall system on your Ubuntu Linux. You can write down your experiences in the comment section if you have used the UFW firewall on Linux. Also, please share this post on your social media.

NO COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here


Exit mobile version