What is UFW Firewall?
UFW (Uncomplicated Firewall) is a program for managing firewall rules on Ubuntu. UFW is default in all Ubuntu installations after Ubuntu 8.04 LTS. It has a command-line interface consisting of a small number of simple commands, and it uses iptables for configuration.
Install & enable UFW Firewall on Ubuntu
UFW is installed by default on Ubuntu. If it has been removed for some reason, you can install it:
[admin@serverhow.com ~]:~$ sudo apt-get install ufw
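Enable ufw service (if you are connected over SSH, allow SSH first, as shown under Add Rules, or the session may be cut off)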
[admin@serverhow.com ~]:~$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
Disable ufw service
[admin@serverhow.com ~]:~$ sudo ufw disable
Firewall stopped and disabled on system startup
Reset ufw service
[admin@serverhow.com ~]:~$ sudo ufw reset
Resetting all rules to installed defaults. This may disrupt existing ssh
connections. Proceed with operation (y|n)? y
Backing up 'user.rules' to '/etc/ufw/user.rules.20191019_102506'
Backing up 'before.rules' to '/etc/ufw/before.rules.20191019_102506'
Backing up 'after.rules' to '/etc/ufw/after.rules.20191019_102506'
Backing up 'user6.rules' to '/etc/ufw/user6.rules.20191019_102506'
Backing up 'before6.rules' to '/etc/ufw/before6.rules.20191019_102506'
Backing up 'after6.rules' to '/etc/ufw/after6.rules.20191019_102506'
Setting Up Default Policies
To deny all incoming and allow all outgoing connections, run the commands:
[admin@serverhow.com ~]:~$ sudo ufw default allow outgoing
Default outgoing policy changed to 'allow'
(be sure to update your rules accordingly)
[admin@serverhow.com ~]:~$ sudo ufw default deny incoming
Default incoming policy changed to 'deny'
(be sure to update your rules accordingly)
Checking UFW Status and Rules
[admin@serverhow.com ~]:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
Add Rules
Open a port, for example the SSH port (22):
[admin@serverhow.com ~]:~$ sudo ufw allow 22
Allow by service name:
[admin@serverhow.com ~]:~$ sudo ufw allow ssh
Advanced Rules
You can specify:
Port ranges
[admin@serverhow.com ~]:~$ sudo ufw allow 8000:8007/tcp
[admin@serverhow.com ~]:~$ sudo ufw allow 8000:8007/udp
A specific IP address
[admin@serverhow.com ~]:~$ sudo ufw allow from 156.1.133.7
[admin@serverhow.com ~]:~$ sudo ufw allow from 156.1.133.7 to any port 25
A specific subnet
[admin@serverhow.com ~]:~$ sudo ufw allow from 178.11.200.0/24
Remove Rules
To remove a rule, run the command:
[admin@serverhow.com ~]:~$ sudo ufw delete allow 80
[admin@serverhow.com ~]:~$ sudo ufw delete allow http
Logging
You can enable logging with the command:
[admin@serverhow.com ~]:~$ sudo ufw logging on
Logging enabled
Log file will be located at /var/logs/ufw
Set the log level; the default is low:
[admin@serverhow.com ~]:~$ sudo ufw logging low|medium|high
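Once logging is on, the blocked-packet entries are the part worth reviewing. The script below is an added example, not part of the original page: it summarises "[UFW BLOCK]" entries by source address and destination port. The function names and the sample log lines are constructed for illustration, and it assumes the kernel log line format with SRC=, PROTO= and DPT= fields.

```shell
#!/bin/sh
# Added example: summarise blocked packets from UFW log lines (not from the original page).

# Constructed sample log lines; addresses are documentation ranges, not real hosts.
sample_ufw_log() {
cat <<'EOF'
Oct 19 10:31:02 host kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:00 SRC=203.0.113.9 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=40112 DPT=23 SYN
Oct 19 10:31:03 host kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:00 SRC=203.0.113.9 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=40113 DPT=23 SYN
Oct 19 10:31:05 host kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:00 SRC=203.0.113.9 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=40114 DPT=2323 SYN
Oct 19 10:32:10 host kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:00 SRC=198.51.100.77 DST=192.0.2.10 LEN=443 PROTO=UDP SPT=5071 DPT=5060
Oct 19 10:32:11 host kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:00 SRC=198.51.100.77 DST=192.0.2.10 LEN=84 PROTO=ICMP TYPE=8 CODE=0
Oct 19 10:33:00 host kernel: [UFW ALLOW] IN=eth0 OUT= MAC=00:00 SRC=192.0.2.50 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51000 DPT=22 SYN
EOF
}

# Read log lines on stdin and print "count source proto/port" for every
# [UFW BLOCK] entry, most frequent first. ALLOW and AUDIT entries are ignored.
ufw_block_summary() {
    awk '
    /\[UFW BLOCK\]/ {
        src = proto = dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/)   src   = substr($i, 5)
            if ($i ~ /^PROTO=/) proto = substr($i, 7)
            if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        if (src == "") next          # skip truncated lines
        if (dpt == "") dpt = "-"     # ICMP entries carry no destination port
        count[src " " proto "/" dpt]++
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Print every source address with at least $1 blocked packets, across all ports.
ufw_noisy_sources() {
    awk -v min="$1" '
    /\[UFW BLOCK\]/ {
        for (i = 1; i <= NF; i++) if ($i ~ /^SRC=/) hits[substr($i, 5)]++
    }
    END { for (s in hits) if (hits[s] >= min) print s }
    ' | LC_ALL=C sort
}

# Demo on the constructed sample; on a server, feed the UFW log file in instead.
sample_ufw_log | ufw_block_summary
```

A source that appears with many different destination ports in the summary is usually a port scan, and the addresses printed by ufw_noisy_sources are candidates for a closer look.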