When it comes to securing your Linux server or desktop, having a robust firewall is essential. UFW (Uncomplicated Firewall), is a very user-friendly way to manage iptables, the default firewall management tool for Linux.
Installing UFW
Let’s first make sure UFW is installed on your system. Most Linux distributions come with UFW pre-installed. However, if it’s not present, you can install it using your package manager. For instance, on Ubuntu/Debian, you can run:
sudo apt update
sudo apt install ufwBasic Commands to Use with UFW
To enable UFW, use the following command:
sudo ufw enableTo disable UFW:
sudo ufw disableTo check the status of UFW:
sudo ufw statusCommon Use Cases
Allowing incoming traffic on a specific port (e.g., SSH):
sudo ufw allow 22Denying incoming traffic on a specific port:
sudo ufw deny 22UFW also supports allowing or denying traffic based on service names. For instance, to allow HTTP traffic:
sudo ufw allow httpTo allow a range of ports (e.g., 8000 to 9000):
sudo ufw allow 8000:9000/tcpAllowing traffic from a specific IP address:
sudo ufw allow from 192.168.1.100Denying traffic from a specific IP address:
sudo ufw deny from 192.168.1.100By default, UFW doesn’t log denied connections. You can enable logging with:
sudo ufw logging onAnd disable it with:
sudo ufw logging offTo delete a specific rule, first, list the rules with their numbers using:
sudo ufw status numberedThen, delete a rule by its number:
sudo ufw delete 2You can set default policies for incoming and outgoing traffic. This will deny all incoming traffic by default and allow all outgoing traffic.
sudo ufw default deny incoming
sudo ufw default allow outgoingTo Conclude
UFW provides a straightforward way to manage your firewall settings in Linux. I attempted to provide a solid understanding of how to enable/disable UFW, check its status, and perform common tasks like allowing or denying specific ports, services, or IP addresses.
Remember, while UFW simplifies the process, it’s crucial to understand the basics of firewall management for effective security. Be careful about your security needs and review your firewall rules regularly.
Be safe y’all!