How to Configure Firewall on Ubuntu

Edited 5 days ago by ExtremeHow Editorial Team

FirewallUbuntuSecurityLinuxConfigurationOperating SystemsUFWNetworkingAdministrationSystem

Firewalls are essential components in network security. They work to protect your computer from unauthorized access by filtering incoming and outgoing network traffic. Ubuntu, a widely used Linux distribution, offers a firewall known as Uncomplicated Firewall (UFW) that simplifies the process of managing firewall rules. The UFW interface is user-friendly, making it accessible to beginners to set up and configure.

About the UFW

UFW, an acronym for Uncomplicated Firewall, is the default firewall management tool on Ubuntu. It is designed to simplify firewall configuration with a straightforward command-line interface. Ubuntu's UFW is a front-end for iptables, a more complex firewall system prevalent in many Linux distributions. By using UFW, users can bypass the complexities of iptables while establishing robust security.

Installing UFW on Ubuntu

By default, UFW is included when you install Ubuntu. However, for older versions, or if you need to reinstall it for some reason, here's how you can make sure UFW is installed:

sudo apt update sudo apt install ufw

The above commands update the package list and install UFW if it is not present on the system.

Checking UFW status

Before starting to configure, it is important to check whether the status of UFW is active or inactive. Use the following command:

sudo ufw status

The output will show if it is active or not. Normally the initial state is 'inactive'.

Enabling and disabling UFW

To activate the firewall, use the following command:

sudo ufw enable

Once enabled, UFW will automatically configure rules to deny all incoming connections while allowing all outgoing connections. This default policy is suitable for many users. To disable UFW, if necessary, you can use:

sudo ufw disable

Set default policies

Managing the default policies is an important step because these dictate how the firewall handles incoming and outgoing traffic. By default, UFW blocks all incoming connections and allows all outgoing connections. This can be set explicitly:

sudo ufw default deny incoming sudo ufw default allow outgoing

This setup is generally preferred because it prevents unauthorized incoming traffic from reaching your system, while allowing your applications to communicate externally.

Allowing and denying connections

To allow connections on a specific port, you can use the UFW command, followed by the service name or port number. For example, if you want to enable SSH, which by default works on port 22, use:

sudo ufw allow ssh

Or specify the port number directly:

sudo ufw allow 22

Similarly, to deny connections on a particular port, you can use the following:

sudo ufw deny 22

Allowing and denying connections with IP

UFW allows you to restrict access based on IP addresses. For example, to allow an IP address to access port 22, execute:

sudo ufw allow from 192.168.0.2 to any port 22

Conversely, to block an IP address:

sudo ufw deny from 192.168.0.2

Advanced rule options

UFW supports more granular control with advanced options such as restricting access to a specific interface. For example, to allow HTTP traffic (port 80) only on the eth0 interface:

sudo ufw allow in on eth0 to any port 80

These configurations are helpful in scenarios where a server may have multiple network interfaces.

Checking and resetting rules

To review active firewall rules and confirm the configuration, use:

sudo ufw status verbose

For a more detailed view, the Verbose flag provides more information about the state. If you want to reset the UFW firewall rules to the default state at any time:

sudo ufw reset

Please note that executing this command will disable the firewall and remove all custom rules.

Logging

Security monitoring is important, and enabling logging on UFW can help audit and debug network traffic. To turn on logging:

sudo ufw logging on

Log levels can be adjusted depending on detailed requirements: off, low, medium, high or full. To set a specific logging level, use:

sudo ufw logging full

Logs are stored in /var/log/ufw.log, which can be examined for information about allowed or blocked traffic.

Application management

Many services declare their firewall profiles. To see the available applications:

sudo ufw app list

This command lists all services with predefined profiles such as OpenSSH. You can then grant permission to a service with the following:

sudo ufw allow 'OpenSSH'

Using the UFW GUI

For users who prefer a graphical interface, GUFW, a GUI for UFW, can be installed. This provides a visual approach to managing your firewall settings.

sudo apt install gufw

Once installed, access GUFW through your desktop environment's Start menu. The GUI provides an intuitive panel for allowing, denying, and restricting rules, just like the command-line counterpart.

Conclusion

Configuring a firewall is a fundamental aspect of server and desktop security on Ubuntu. Fortunately, UFW simplifies this process into manageable components for different security needs. From setting default policies to fine-tuning specific rules, UFW provides the flexibility needed to effectively protect any Ubuntu system.

By carefully implementing the steps outlined in this guide, users can ensure a robust firewall configuration that minimizes unauthorized access while meeting their specific operational needs. Remember, a secure firewall setup is critical to maintaining the integrity and confidentiality of your network resources.

  Share This Article

If you find anything wrong with the article content, you can request an update