How to configure the Ubuntu Firewall (UFW)

The Linux kernel, and hence every Linux distro out there, comes with a built-in firewall, but it is deactivated. Here's how to configure the Ubuntu firewall (UFW).

A properly configured firewall is a crucial part of establishing preliminary system security. Keeping this in mind, here we will go over how to configure the firewall on your Ubuntu PC.

By default, Ubuntu comes with a dedicated firewall configuration tool known as UFW, or Uncomplicated Firewall. It is an intuitive front end designed to help you manage iptables firewall rules. With UFW, you will be able to perform almost all the necessary firewall tasks without having to learn iptables.

As such, for this read, we will be using UFW to help set up a firewall for our Ubuntu PC. We have also put together a detailed step-by-step tutorial on how to use UFW to perform.

Configuring Ubuntu Firewall (UFW)

UFW is a simple and effective firewall application that is installed on Ubuntu by default but not enabled. If you think that you might have accidentally deleted it, you can type the following command in your terminal to reinstall it on your system.

sudo apt install ufw

This will install UFW on your system. And if it was already installed, you will get the following screen:

Installing UFW on Ubuntu

Once installed, you need to make sure that it is enabled and working. To do this, use this command:

sudo ufw status verbose

As you can see from the image, in our system, it shows that UFW is inactive.

Checking UFW status

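If you are working on the machine over SSH, first add the SSH rule covered later in this guide, because the default policy denies all incoming connections. To activate UFW, type in the following command: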

sudo ufw enable

This should activate UFW on your system and display this message:

Enabling UFW on Ubuntu

Set Up Default Policies

With UFW activated, you can go and recheck its status using the previous command:

sudo ufw status verbose

You should now see something like this:

Default policies on UFW

As you can see, by default, UFW denies all incoming connections and allows all outgoing connections. This prevents clients from connecting to our server from outside but will enable applications from our server to communicate with external servers.

However, you can fine-tune these rules to create a custom firewall specific to your needs and requirements.

In the following sections, we will discuss different ways in which you can control the firewall settings.

Configure UFW Behaviour Based on Incoming Connections to Different Ports

If you wish to allow connections that are using secured SSH, then use this command:

sudo ufw allow ssh

or

sudo ufw allow 22

You should receive the following message:

Allowing the SSH connection

Port 22 is the default port that the SSH daemon listens on. As such, you can either configure UFW to allow the service (SSH) or the specific port (22).

Keeping this in mind, if you have configured your SSH daemon to listen on a different port, say port 2222, then you can just replace the 22 with 2222 in the command, and the UFW firewall will allow connections on that port.

Similarly, if you want your server to accept HTTP connections on port 80, you can enter either of the following commands, and the rule will be added to UFW.

sudo ufw allow http

or

sudo ufw allow 80

To allow HTTPS on port 443, you can use the following commands:

sudo ufw allow https

or

sudo ufw allow 443

It is also possible to allow more than one port at the same time. In this case, you need to specify both the port range and the protocol you want to allow.

Here are the commands you will use to allow connections to ports 6000 through 6003 over TCP as well as UDP.

sudo ufw allow 6000:6003/tcp
sudo ufw allow 6000:6003/udp

Deny Specific Connections

If you want to block individual connections, all you need to do is swap “allow” with “deny” in any of the above commands.

For example, let’s say you have seen suspicious activity coming from the IP address 1.10.184.53. In that case, you can use this command to prevent that IP address from connecting to your system:

sudo ufw deny from 1.10.184.53

Configure UFW for IPv6

All the commands we discussed above assume that you are using IPv4. If your server is configured for IPv6, then you also need to configure UFW to support IPv6. To do so, open the UFW defaults file with the following command:

sudo nano /etc/default/ufw

Check and make sure that the value for IPV6 is set to yes. It should look like this:

Enabling IPv6

Now UFW and all the preconfigured rules will support both IPv4 as well as IPv6.

Delete Specific UFW Rules

Now that you know how to create new rules for UFW, it is also time to learn how to delete specific rules to give you complete control over the firewall toolset.

In case you have set several rules and don’t remember all of them, you can use the following command to get a list of all your firewall rules.

sudo ufw status numbered

This will generate a numbered list of all the UFW rules that you have set up. Now, let’s say you are looking to delete rule number 7. Then you can follow up with this command:

sudo ufw delete 7

Deleting a UFW rule

Alternatively, if you already know which rule you want to delete then you can directly enter that into the command like this:

sudo ufw delete allow http

Note: If you have UFW configured for both IPv6 and IPv4, then the delete command is going to remove the rule for both instances.
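As an added example (not from the original article): a numbered delete removes only the single row it names, IPv4 and IPv6 rows carry separate numbers, and the list is renumbered after every deletion. The script below parses constructed `sudo ufw status numbered` output and lists the matching rule numbers highest first, so each number is still valid when its turn comes; the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: plan numbered deletions so that renumbering cannot hit the wrong rule.

# Constructed sample of `sudo ufw status numbered` output.
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere
[ 4] 6000:6003/tcp              ALLOW IN    Anywhere
[ 5] Anywhere                   DENY IN     1.10.184.53
[ 6] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 7] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 8] 443/tcp (v6)               ALLOW IN    Anywhere (v6)
[ 9] 6000:6003/tcp (v6)         ALLOW IN    Anywhere (v6)
EOF
}

# Print the rule numbers whose "To" column equals $1 (IPv4 and IPv6 rows),
# highest number first. Reads the status listing on stdin.
rule_numbers_for() {
  awk -v target="$1" '
    /^\[ *[0-9]+\]/ {
      num = $0; sub(/^\[ */, "", num); sub(/\].*/, "", num)
      rest = $0; sub(/^\[ *[0-9]+\] */, "", rest)
      split(rest, col, /  +/)          # columns are separated by 2+ spaces
      to = col[1]; sub(/ \(v6\)$/, "", to)
      if (to == target) print num
    }' | sort -nr
}

# Print (do not run) the delete commands in an order that stays correct.
delete_plan() {
  rule_numbers_for "$1" | while read -r n; do
    echo "sudo ufw delete $n"
  done
}

sample_status | delete_plan 80/tcp
```

On a real host, replace `sample_status` with `sudo ufw status numbered` and review the printed plan before running any of it.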

Access the Firewall Logs

It is important to check your firewall logs from time to time. This will help you identify attacks, notice any sort of unusual activity in your network, and even troubleshoot firewall rules.

That being said, you must first enable logging in UFW, which can be done using the following command:

sudo ufw logging on

The logs will be stored in /var/log/messages, /var/log/syslog, and /var/log/kern.log from where you can access them.
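To show what checking these logs can look like in practice, here is an added example (not from the original article) that counts blocked packets per source address and lists the ports each source tried. The log lines are constructed samples with abbreviated fields and documentation IP ranges, and the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: triage [UFW BLOCK] entries from a kernel log.

# Constructed sample log (documentation IP ranges, fields abbreviated).
sample_log() {
cat <<'EOF'
Oct  5 12:00:01 web1 kernel: [ 1201.10] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=40 TTL=241 PROTO=TCP SPT=40112 DPT=23 SYN URGP=0
Oct  5 12:00:02 web1 kernel: [ 1202.31] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=40 TTL=241 PROTO=TCP SPT=40113 DPT=22 SYN URGP=0
Oct  5 12:00:09 web1 kernel: [ 1209.77] [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.44 DST=192.0.2.10 LEN=52 TTL=112 PROTO=TCP SPT=51514 DPT=3389 SYN URGP=0
Oct  5 12:00:15 web1 kernel: [ 1215.02] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=40 TTL=241 PROTO=TCP SPT=40114 DPT=23 SYN URGP=0
Oct  5 12:00:20 web1 kernel: [ 1220.48] [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.44 DST=192.0.2.10 LEN=84 TTL=112 PROTO=ICMP TYPE=8 CODE=0 ID=7 SEQ=1
Oct  5 12:00:31 web1 kernel: [ 1231.90] [UFW ALLOW] IN=eth0 OUT= SRC=192.0.2.15 DST=192.0.2.10 LEN=60 TTL=64 PROTO=TCP SPT=50022 DPT=22 SYN URGP=0
Oct  5 12:00:40 web1 sshd[912]: Accepted publickey for admin from 192.0.2.15 port 50022 ssh2
EOF
}

# Count blocked packets per source address, busiest source first.
blocked_by_source() {
  awk '/\[UFW BLOCK\]/ {
         for (i = 1; i <= NF; i++)
           if ($i ~ /^SRC=/) count[substr($i, 5)]++
       }
       END { for (s in count) print count[s], s }' | LC_ALL=C sort -k1,1nr -k2,2
}

# List the distinct destination ports one source was blocked on.
# Entries without a DPT field (for example ICMP) are skipped.
ports_probed_by() {
  awk -v want="SRC=$1" '/\[UFW BLOCK\]/ {
         hit = 0; port = ""
         for (i = 1; i <= NF; i++) {
           if ($i == want) hit = 1          # exact match, so .7 never matches .70
           if ($i ~ /^DPT=/) port = substr($i, 5)
         }
         if (hit && port != "") print port
       }' | sort -un | paste -sd, -
}

sample_log | blocked_by_source
```

On a real host, pipe one of the log files named above into the functions instead of `sample_log`.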

Disable/Reset UFW

If you wish to deactivate UFW along with all its rules, you can use this command:

sudo ufw disable

You will get a message like this:

Deactivating UFW

You can then reactivate UFW using one of the commands discussed above:

sudo ufw enable

However, if you are looking to start afresh and delete all active rules, then you can simply reset UFW using this command:

sudo ufw reset

This should generate the following message, and UFW will be reset, removing all existing rules.

Reset UFW

Wrapping Up

So this was our in-depth tutorial on how to enable and configure UFW on your Ubuntu. We hope that you found this guide useful and that it helped you in setting up a custom firewall for your Ubuntu system. We have covered all the basic rules and areas of control that you want from your firewall. Got any additional tips on the Ubuntu Firewall? Do let us know in the comments below.

Nitish.S
Nitish is a Technical Writer with five years of experience. He enjoys covering new tech and has a special love for Linux. He also has a keen interest in Blockchain and WordPress.
